| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: security at linux-mandrake.com (Mandrake Linux Security Team)
Subject: MDKSA-2004:165 - Updated koffice packages fix
multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: koffice
Advisory ID: MDKSA-2004:165
Date: December 29th, 2004
Affected versions: 10.0, 10.1
______________________________________________________________________
Problem Description:
Chris Evans discovered numerous vulnerabilities in the xpdf package,
which also effect software using embedded xpdf code, such as koffice
(CAN-2004-0888).
Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0.
Also programs like koffice which have embedded versions of xpdf.
These can result in writing an arbitrary byte to an attacker controlled
location which probably could lead to arbitrary code execution.
iDefense also reported a buffer overflow vulnerability, which affects
versions of xpdf <= xpdf-3.0 and several programs, like koffice, which use
embedded xpdf code. An attacker could construct a malicious payload file
which could enable arbitrary code execution on the target system
(CAN-2004-1125).
The updated packages are patched to protect against these
vulnerabilities.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
1e0b46cd6942a0c964dc05bfe3c8a76e 10.0/RPMS/koffice-1.3-12.1.100mdk.i586.rpm
0e2af47813d3709e12ac9dc2b702e0cd 10.0/RPMS/libkoffice2-1.3-12.1.100mdk.i586.rpm
82131f7b6025175d01c8e17baac6446d 10.0/RPMS/libkoffice2-devel-1.3-12.1.100mdk.i586.rpm
ff998b96be3312f1d2e1c436afb45a63 10.0/SRPMS/koffice-1.3-12.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
a44c06b1ab148f400b5324f362f6cdab amd64/10.0/RPMS/koffice-1.3-12.1.100mdk.amd64.rpm
4e557b6bdee2e4a8c9d2c0e49cbaece2 amd64/10.0/RPMS/lib64koffice2-1.3-12.1.100mdk.amd64.rpm
3cda03975322e745e4cdefdf37428ac4 amd64/10.0/RPMS/lib64koffice2-devel-1.3-12.1.100mdk.amd64.rpm
ff998b96be3312f1d2e1c436afb45a63 amd64/10.0/SRPMS/koffice-1.3-12.1.100mdk.src.rpm
Mandrakelinux 10.1:
2a4fe535aad4b5d29c4924e239e64803 10.1/RPMS/koffice-1.3.3-2.1.101mdk.i586.rpm
b44aea2072393b955b3c31879a08cb9b 10.1/RPMS/koffice-karbon-1.3.3-2.1.101mdk.i586.rpm
1806dfa15c7ac10e4f401936b40b98be 10.1/RPMS/koffice-kformula-1.3.3-2.1.101mdk.i586.rpm
64f1efdee6488d4f7f5d88779047f173 10.1/RPMS/koffice-kivio-1.3.3-2.1.101mdk.i586.rpm
b7cc22044ad7540a2493d1ed0189f384 10.1/RPMS/koffice-koshell-1.3.3-2.1.101mdk.i586.rpm
aa9e8190c9eacf5ef516b89d8365bbff 10.1/RPMS/koffice-kpresenter-1.3.3-2.1.101mdk.i586.rpm
e037c4cd82a6f1197f8e123a2ca75fd0 10.1/RPMS/koffice-kspread-1.3.3-2.1.101mdk.i586.rpm
09569b4ce2ae5c7461df8597a528c7db 10.1/RPMS/koffice-kugar-1.3.3-2.1.101mdk.i586.rpm
437eb0c507e1e678a5502e4b37e8113e 10.1/RPMS/koffice-kword-1.3.3-2.1.101mdk.i586.rpm
3bd173dbfc9928ae10bdd5c361e5e1e6 10.1/RPMS/koffice-progs-1.3.3-2.1.101mdk.i586.rpm
437641929c341647ce0f1542787ff986 10.1/RPMS/libkoffice2-karbon-1.3.3-2.1.101mdk.i586.rpm
d59a1f3daaae708a884aea0890dfa0e5 10.1/RPMS/libkoffice2-kformula-1.3.3-2.1.101mdk.i586.rpm
15d04722601339436cbf717c0106a44b 10.1/RPMS/libkoffice2-kivio-1.3.3-2.1.101mdk.i586.rpm
cda4f68448ac51cc9625c74ddd4f827f 10.1/RPMS/libkoffice2-koshell-1.3.3-2.1.101mdk.i586.rpm
fc83c4890249ba4b56e5149bc4471ef6 10.1/RPMS/libkoffice2-kpresenter-1.3.3-2.1.101mdk.i586.rpm
e56823573bb2485116bbf3f5b490491c 10.1/RPMS/libkoffice2-kspread-1.3.3-2.1.101mdk.i586.rpm
d26ca6b59d8cccb58fbf5424c9441921 10.1/RPMS/libkoffice2-kspread-devel-1.3.3-2.1.101mdk.i586.rpm
1a757e3fcc5d9be94347a70ef393f2bf 10.1/RPMS/libkoffice2-kugar-1.3.3-2.1.101mdk.i586.rpm
71df2e1e9e6503b02a2e15553470df2c 10.1/RPMS/libkoffice2-kugar-devel-1.3.3-2.1.101mdk.i586.rpm
1be385646572df37009455ce723d55e0 10.1/RPMS/libkoffice2-kword-1.3.3-2.1.101mdk.i586.rpm
38497a624d579dfdc4257e230b3daf7e 10.1/RPMS/libkoffice2-kword-devel-1.3.3-2.1.101mdk.i586.rpm
e900f4bce3981f1ae4a778b683e4182c 10.1/RPMS/libkoffice2-progs-1.3.3-2.1.101mdk.i586.rpm
ef3753bfb708676a4edb0749dd04fa75 10.1/RPMS/libkoffice2-progs-devel-1.3.3-2.1.101mdk.i586.rpm
1fc631607620e2201a0f012d5e0de3be 10.1/SRPMS/koffice-1.3.3-2.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
f6950e03d0c945a4debb30ee37aac470 x86_64/10.1/RPMS/koffice-1.3.3-2.1.101mdk.x86_64.rpm
b340f444b0d7c5c29ca848d81bd6918b x86_64/10.1/RPMS/koffice-karbon-1.3.3-2.1.101mdk.x86_64.rpm
febb09afa0f89a19c18d11de634f6e59 x86_64/10.1/RPMS/koffice-kformula-1.3.3-2.1.101mdk.x86_64.rpm
641df616c05818a12372982d8434ef9c x86_64/10.1/RPMS/koffice-kivio-1.3.3-2.1.101mdk.x86_64.rpm
019316f2213bce109fa3a223b969f0ab x86_64/10.1/RPMS/koffice-koshell-1.3.3-2.1.101mdk.x86_64.rpm
ccfc1ac77e6358804c133b40ef127c83 x86_64/10.1/RPMS/koffice-kpresenter-1.3.3-2.1.101mdk.x86_64.rpm
4f9a88e076a581cada3dc68ba7ecb832 x86_64/10.1/RPMS/koffice-kspread-1.3.3-2.1.101mdk.x86_64.rpm
3d6f9eaf81d418e72c1f53c582bfeaaa x86_64/10.1/RPMS/koffice-kugar-1.3.3-2.1.101mdk.x86_64.rpm
dfc842fa3ee599c11bfc27fa8f326eb1 x86_64/10.1/RPMS/koffice-kword-1.3.3-2.1.101mdk.x86_64.rpm
b1bb22ec5ed4a4cf9a0f430d2e2553b1 x86_64/10.1/RPMS/koffice-progs-1.3.3-2.1.101mdk.x86_64.rpm
3795a1b1fcefccc5c977d127c43227f1 x86_64/10.1/RPMS/lib64koffice2-karbon-1.3.3-2.1.101mdk.x86_64.rpm
b820fea6c679d7c60ff2acbad896449f x86_64/10.1/RPMS/lib64koffice2-kformula-1.3.3-2.1.101mdk.x86_64.rpm
b209f0c50f7bf00ae735537138f444b6 x86_64/10.1/RPMS/lib64koffice2-kivio-1.3.3-2.1.101mdk.x86_64.rpm
0fb957d0a64df32e699d362af714781c x86_64/10.1/RPMS/lib64koffice2-koshell-1.3.3-2.1.101mdk.x86_64.rpm
f794ae3af010b2f33ebc1a99c99f7108 x86_64/10.1/RPMS/lib64koffice2-kpresenter-1.3.3-2.1.101mdk.x86_64.rpm
ad9a9df73efd05eaff91887781d9adfb x86_64/10.1/RPMS/lib64koffice2-kspread-1.3.3-2.1.101mdk.x86_64.rpm
5851d28588be19a8da437ccb7671fa68 x86_64/10.1/RPMS/lib64koffice2-kspread-devel-1.3.3-2.1.101mdk.x86_64.rpm
ad37853543c47c7a7c41716fdc3a547f x86_64/10.1/RPMS/lib64koffice2-kugar-1.3.3-2.1.101mdk.x86_64.rpm
d6723cc2688893ee69f9b62b370bf254 x86_64/10.1/RPMS/lib64koffice2-kugar-devel-1.3.3-2.1.101mdk.x86_64.rpm
7b207d00b0eb91b62ff50ac59276a091 x86_64/10.1/RPMS/lib64koffice2-kword-1.3.3-2.1.101mdk.x86_64.rpm
7b075324f6d933d2ae62b35e70d5cc9e x86_64/10.1/RPMS/lib64koffice2-kword-devel-1.3.3-2.1.101mdk.x86_64.rpm
7a4e7f4be8056e172c061a932bc16dd9 x86_64/10.1/RPMS/lib64koffice2-progs-1.3.3-2.1.101mdk.x86_64.rpm
84fcb30f9234e77bad1031d65c90525b x86_64/10.1/RPMS/lib64koffice2-progs-devel-1.3.3-2.1.101mdk.x86_64.rpm
1fc631607620e2201a0f012d5e0de3be x86_64/10.1/SRPMS/koffice-1.3.3-2.1.101mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFB04EdmqjQ0CJFipgRAsS+AJ0Q/Bu+CUsx7CQEBDhR1il0WOun3wCcCCz8
2Hvgymi/kINilJxidfKdqeM=
=7e6g
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists