| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Jan 2007 14:14:35 -0700 From: security@...driva.com To: full-disclosure@...ts.grok.org.uk Subject: [ MDKSA-2007:022 ] - Updated tetex packages fix crafted pdf file vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2007:022 http://www.mandriva.com/security/ _______________________________________________________________________ Package : tetex Date : January 18, 2007 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0 _______________________________________________________________________ Problem Description: The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. The updated packages have been patched to correct this problem. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104 _______________________________________________________________________ Updated Packages: Mandriva Linux 2006.0: b0e9b86776c418b948d8574d5d9cbd49 2006.0/i586/jadetex-3.12-110.3.20060mdk.i586.rpm c2338788f1ab57520c0082392ed79a4d 2006.0/i586/tetex-3.0-12.3.20060mdk.i586.rpm 23f6c5d99c6d75d8299858f2f1762570 2006.0/i586/tetex-afm-3.0-12.3.20060mdk.i586.rpm 38ce0c5b942ecbbeecbeb2e67b0fc575 2006.0/i586/tetex-context-3.0-12.3.20060mdk.i586.rpm fae0147ac3122354c573418a5e2b933e 2006.0/i586/tetex-devel-3.0-12.3.20060mdk.i586.rpm 4ea3b6d4bac953feacdafec3b0716a75 2006.0/i586/tetex-doc-3.0-12.3.20060mdk.i586.rpm 3cea7fdbe482dba0fdccb423e59c0687 2006.0/i586/tetex-dvilj-3.0-12.3.20060mdk.i586.rpm de6a3d7a548c55476ac8ffbce57867f2 2006.0/i586/tetex-dvipdfm-3.0-12.3.20060mdk.i586.rpm 394aaf123e290414c429c0e83e007928 2006.0/i586/tetex-dvips-3.0-12.3.20060mdk.i586.rpm e7e1826411e5a655c13381bf8f8a836e 2006.0/i586/tetex-latex-3.0-12.3.20060mdk.i586.rpm 7a7304b0ff04cb5528b44ec4116dab00 2006.0/i586/tetex-mfwin-3.0-12.3.20060mdk.i586.rpm 478e42a89808a7a50de49d5824981961 2006.0/i586/tetex-texi2html-3.0-12.3.20060mdk.i586.rpm 9f2641d71a55e2ca887a43ef4965b32b 2006.0/i586/tetex-xdvi-3.0-12.3.20060mdk.i586.rpm d5b7ff7afc8bf10f923d198b12a2eef7 2006.0/i586/xmltex-1.9-58.3.20060mdk.i586.rpm dfac4ea9ee368da19133c7ec734f4df9 2006.0/SRPMS/tetex-3.0-12.3.20060mdk.src.rpm Mandriva Linux 2006.0/X86_64: 9ef912b94f8f55197ddbb2123e30a25a 2006.0/x86_64/jadetex-3.12-110.3.20060mdk.x86_64.rpm 1c01bcd9a4fa2982694492210de47089 2006.0/x86_64/tetex-3.0-12.3.20060mdk.x86_64.rpm 4d00faf564d28b45374a57f91e5aacb9 2006.0/x86_64/tetex-afm-3.0-12.3.20060mdk.x86_64.rpm 139a0ee822471c2562eab654142f34f4 2006.0/x86_64/tetex-context-3.0-12.3.20060mdk.x86_64.rpm 5dbf547b972213623d879c201eaf7d26 2006.0/x86_64/tetex-devel-3.0-12.3.20060mdk.x86_64.rpm 8080633d08582fac2b2b2084e0e1c14e 2006.0/x86_64/tetex-doc-3.0-12.3.20060mdk.x86_64.rpm eea2f40c602d83eab0abcf01065c9e27 2006.0/x86_64/tetex-dvilj-3.0-12.3.20060mdk.x86_64.rpm 93a9c2c81cebe89e71c386cb122684ca 2006.0/x86_64/tetex-dvipdfm-3.0-12.3.20060mdk.x86_64.rpm f370373047439ff20285c560c62d15bb 2006.0/x86_64/tetex-dvips-3.0-12.3.20060mdk.x86_64.rpm aac948de1110ed6cd6bec349185c469e 2006.0/x86_64/tetex-latex-3.0-12.3.20060mdk.x86_64.rpm ad1b17cdaaeaddcb50ccecca995b40bf 2006.0/x86_64/tetex-mfwin-3.0-12.3.20060mdk.x86_64.rpm e0a894fef728129a9c4adaf489b2d4c9 2006.0/x86_64/tetex-texi2html-3.0-12.3.20060mdk.x86_64.rpm 7be9509ba2bae53fd5e5dad6726319c8 2006.0/x86_64/tetex-xdvi-3.0-12.3.20060mdk.x86_64.rpm dac1e6dbb15c0720ddee363e1fca40c8 2006.0/x86_64/xmltex-1.9-58.3.20060mdk.x86_64.rpm dfac4ea9ee368da19133c7ec734f4df9 2006.0/SRPMS/tetex-3.0-12.3.20060mdk.src.rpm Mandriva Linux 2007.0: 78124b41f0f99ef02b030db387b7d0be 2007.0/i586/jadetex-3.12-116.1mdv2007.0.i586.rpm 0ba38db61f2ac0cfca4017d5a421c371 2007.0/i586/tetex-3.0-18.1mdv2007.0.i586.rpm ac07abe40f118a50d4d02480e6fc6acf 2007.0/i586/tetex-afm-3.0-18.1mdv2007.0.i586.rpm 9b2cc8802dbbd9987fc8e27fc2cd4fa6 2007.0/i586/tetex-context-3.0-18.1mdv2007.0.i586.rpm 26bf31a911285913987b47d84ab972e6 2007.0/i586/tetex-devel-3.0-18.1mdv2007.0.i586.rpm 64548fd5d941e14ad9040b0682be073f 2007.0/i586/tetex-doc-3.0-18.1mdv2007.0.i586.rpm 327b14eb8a8e906b3c671dd2550e23c6 2007.0/i586/tetex-dvilj-3.0-18.1mdv2007.0.i586.rpm c10d7f14ac918ecf1346c5602e4702b1 2007.0/i586/tetex-dvipdfm-3.0-18.1mdv2007.0.i586.rpm 991f7f24ce100c5b1bd650635df534a6 2007.0/i586/tetex-dvips-3.0-18.1mdv2007.0.i586.rpm 55c23ef379b549f3bf295d7f22eedd3d 2007.0/i586/tetex-latex-3.0-18.1mdv2007.0.i586.rpm 910a0ab053d49d72beba7dbb8dcfb67d 2007.0/i586/tetex-mfwin-3.0-18.1mdv2007.0.i586.rpm d4d79d3ec2e942950a900b0e264dd352 2007.0/i586/tetex-texi2html-3.0-18.1mdv2007.0.i586.rpm 47569ddcae890f450423c6b7637052c4 2007.0/i586/tetex-xdvi-3.0-18.1mdv2007.0.i586.rpm de84b77612fdcb65dc0b492ef035948a 2007.0/i586/xmltex-1.9-64.1mdv2007.0.i586.rpm a25e245f8899b029e6f66628da291ff5 2007.0/SRPMS/tetex-3.0-18.1mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: 484cde452f6dc278ffe7bf8471c5b2a1 2007.0/x86_64/jadetex-3.12-116.1mdv2007.0.x86_64.rpm 18828e699d7b3c300ea61079266ec72f 2007.0/x86_64/tetex-3.0-18.1mdv2007.0.x86_64.rpm 67724adf4f8afbcd5f89eb8006bc5af5 2007.0/x86_64/tetex-afm-3.0-18.1mdv2007.0.x86_64.rpm 96e26248638f41b4bc7d5f3e871649c5 2007.0/x86_64/tetex-context-3.0-18.1mdv2007.0.x86_64.rpm dbb59278fcf549d35312f90112b5e168 2007.0/x86_64/tetex-devel-3.0-18.1mdv2007.0.x86_64.rpm 869e43a9aa80df4c676a768c36a9e117 2007.0/x86_64/tetex-doc-3.0-18.1mdv2007.0.x86_64.rpm 4e98e1172c41a8cfd87e16789e08d582 2007.0/x86_64/tetex-dvilj-3.0-18.1mdv2007.0.x86_64.rpm 3db0e91bea2b31540943e23d287c4a73 2007.0/x86_64/tetex-dvipdfm-3.0-18.1mdv2007.0.x86_64.rpm 056a25922526c43ae74c4540110b363c 2007.0/x86_64/tetex-dvips-3.0-18.1mdv2007.0.x86_64.rpm bf89943fbb35e5be431ddaeeb6874c0b 2007.0/x86_64/tetex-latex-3.0-18.1mdv2007.0.x86_64.rpm f30fead5ed7b9383a5508b8064688b87 2007.0/x86_64/tetex-mfwin-3.0-18.1mdv2007.0.x86_64.rpm 21a1d9f09f9c284a6098138490807c7a 2007.0/x86_64/tetex-texi2html-3.0-18.1mdv2007.0.x86_64.rpm 8cd846107a6ddd85d2be0f3caef277fb 2007.0/x86_64/tetex-xdvi-3.0-18.1mdv2007.0.x86_64.rpm 43a0155e8b9b4bc75248d6d4a7f8c1f8 2007.0/x86_64/xmltex-1.9-64.1mdv2007.0.x86_64.rpm a25e245f8899b029e6f66628da291ff5 2007.0/SRPMS/tetex-3.0-18.1mdv2007.0.src.rpm Corporate 3.0: c93214160b8e8ebb0f791b1926f234a5 corporate/3.0/i586/jadetex-3.12-93.5.C30mdk.i586.rpm 5b364cd2a2217aaf80d17cf179acae98 corporate/3.0/i586/tetex-2.0.2-14.5.C30mdk.i586.rpm dccc24883880adc4e5e0f9983217abe6 corporate/3.0/i586/tetex-afm-2.0.2-14.5.C30mdk.i586.rpm 74f1e2c5ee35b0a8d7552a39812a1f38 corporate/3.0/i586/tetex-context-2.0.2-14.5.C30mdk.i586.rpm 3c896ce2f2ef58b76a481e8058562d72 corporate/3.0/i586/tetex-devel-2.0.2-14.5.C30mdk.i586.rpm 6edb72131045c5727b1b87d5ceef0987 corporate/3.0/i586/tetex-doc-2.0.2-14.5.C30mdk.i586.rpm 08de572c8270a71603b13b436acd64c9 corporate/3.0/i586/tetex-dvilj-2.0.2-14.5.C30mdk.i586.rpm aba5bee10035b9b1b57ce92dd90f989d corporate/3.0/i586/tetex-dvipdfm-2.0.2-14.5.C30mdk.i586.rpm c7976d0df3677f7949f220e2fbc99392 corporate/3.0/i586/tetex-dvips-2.0.2-14.5.C30mdk.i586.rpm 1a83b7e2aaa33cb96a7c9aa35e77bda1 corporate/3.0/i586/tetex-latex-2.0.2-14.5.C30mdk.i586.rpm 1bbe133477dfbe8f2eed96b90cf26662 corporate/3.0/i586/tetex-mfwin-2.0.2-14.5.C30mdk.i586.rpm 1d487a5ffa6b68a868228cdeaa20d832 corporate/3.0/i586/tetex-texi2html-2.0.2-14.5.C30mdk.i586.rpm 0bd2f1246a1571af99941c692cc20110 corporate/3.0/i586/tetex-xdvi-2.0.2-14.5.C30mdk.i586.rpm 2224bd1105bf725dcedc9292fa518acf corporate/3.0/i586/xmltex-1.9-41.5.C30mdk.i586.rpm 8b5a4a4f6d5ff4d98a1281af2d71d36c corporate/3.0/SRPMS/tetex-2.0.2-14.5.C30mdk.src.rpm Corporate 3.0/X86_64: 2d926e3bd8f634ac9c1e5f89df19a85d corporate/3.0/x86_64/jadetex-3.12-93.5.C30mdk.x86_64.rpm f758927c4a9999282f38a13fbcc8d0ed corporate/3.0/x86_64/tetex-2.0.2-14.5.C30mdk.x86_64.rpm 8d2da57380f45c588845ee97aa574d2b corporate/3.0/x86_64/tetex-afm-2.0.2-14.5.C30mdk.x86_64.rpm 4f6daa6ef092dd5a2f849ef8de52407e corporate/3.0/x86_64/tetex-context-2.0.2-14.5.C30mdk.x86_64.rpm fea3921e3e9f4856d1e613d48370c057 corporate/3.0/x86_64/tetex-devel-2.0.2-14.5.C30mdk.x86_64.rpm f58957bfe6c337c4d0aea6332457fb88 corporate/3.0/x86_64/tetex-doc-2.0.2-14.5.C30mdk.x86_64.rpm d60dd82115164e40b35528dc494075bb corporate/3.0/x86_64/tetex-dvilj-2.0.2-14.5.C30mdk.x86_64.rpm fe5f1393c2ad00c391a59c013fdd225b corporate/3.0/x86_64/tetex-dvipdfm-2.0.2-14.5.C30mdk.x86_64.rpm 77a8c2a7f786d5fe251a3cf6ad56f8a6 corporate/3.0/x86_64/tetex-dvips-2.0.2-14.5.C30mdk.x86_64.rpm 1ec612e9e803307a1b9cc9b70b6d1eec corporate/3.0/x86_64/tetex-latex-2.0.2-14.5.C30mdk.x86_64.rpm a853b831d61d6e2907664a34cda3d2e6 corporate/3.0/x86_64/tetex-mfwin-2.0.2-14.5.C30mdk.x86_64.rpm 9c1502657d6a692445d7c05c0bc08760 corporate/3.0/x86_64/tetex-texi2html-2.0.2-14.5.C30mdk.x86_64.rpm 9be9f52a507ed56fd05baa7f5d612dd7 corporate/3.0/x86_64/tetex-xdvi-2.0.2-14.5.C30mdk.x86_64.rpm 60ea5b041fa70f46ae8104a04843110c corporate/3.0/x86_64/xmltex-1.9-41.5.C30mdk.x86_64.rpm 8b5a4a4f6d5ff4d98a1281af2d71d36c corporate/3.0/SRPMS/tetex-2.0.2-14.5.C30mdk.src.rpm Corporate 4.0: ddac4526b56f24eb774fcf37a0381ce7 corporate/4.0/i586/jadetex-3.12-110.3.20060mlcs4.i586.rpm 51de65ad28fa07098366fc2c875df20c corporate/4.0/i586/tetex-3.0-12.3.20060mlcs4.i586.rpm 0527185de5a39686833f03bb991db5d3 corporate/4.0/i586/tetex-afm-3.0-12.3.20060mlcs4.i586.rpm e2826e0f0a22d3548d02ca8fd4c922cd corporate/4.0/i586/tetex-context-3.0-12.3.20060mlcs4.i586.rpm 8e6575f0ac52785ea4163ec064999079 corporate/4.0/i586/tetex-devel-3.0-12.3.20060mlcs4.i586.rpm 6529f3ba8b8c03b8938259048d9fba7f corporate/4.0/i586/tetex-doc-3.0-12.3.20060mlcs4.i586.rpm 51a47e7f97e550d63b2d61b7a96b48e3 corporate/4.0/i586/tetex-dvilj-3.0-12.3.20060mlcs4.i586.rpm 17dc8f10a492283c5121454dff0705c5 corporate/4.0/i586/tetex-dvipdfm-3.0-12.3.20060mlcs4.i586.rpm 03d91453c6c2ba0435aa7ba503dec417 corporate/4.0/i586/tetex-dvips-3.0-12.3.20060mlcs4.i586.rpm 071921ff5e769938e177cb5cd43d20b6 corporate/4.0/i586/tetex-latex-3.0-12.3.20060mlcs4.i586.rpm 479fcb92a32f627bbfb04522f1f7c89c corporate/4.0/i586/tetex-mfwin-3.0-12.3.20060mlcs4.i586.rpm 4bd0cbc69453954324dc592126bcbc67 corporate/4.0/i586/tetex-texi2html-3.0-12.3.20060mlcs4.i586.rpm 95e1b3bc49f2ab0ac317e5130a70a625 corporate/4.0/i586/tetex-xdvi-3.0-12.3.20060mlcs4.i586.rpm 0f32f2dad3a514a2fc8094ed5a1b712d corporate/4.0/i586/xmltex-1.9-58.3.20060mlcs4.i586.rpm 19ddb7ee7cab54ac851cd5ef399ff77e corporate/4.0/SRPMS/tetex-3.0-12.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: 665879f7fd675b56bec3a9ec4785040d corporate/4.0/x86_64/jadetex-3.12-110.3.20060mlcs4.x86_64.rpm f3bd189b132457a659c16f683040f9f6 corporate/4.0/x86_64/tetex-3.0-12.3.20060mlcs4.x86_64.rpm be8f757d3991987a9eb706a04c74c261 corporate/4.0/x86_64/tetex-afm-3.0-12.3.20060mlcs4.x86_64.rpm 093d2c02434148b7d54c19a145bc4672 corporate/4.0/x86_64/tetex-context-3.0-12.3.20060mlcs4.x86_64.rpm 90f76b5938c48de76083aadfd61235b6 corporate/4.0/x86_64/tetex-devel-3.0-12.3.20060mlcs4.x86_64.rpm ad2f307b2b439f6d02e83b038a6c6750 corporate/4.0/x86_64/tetex-doc-3.0-12.3.20060mlcs4.x86_64.rpm 64ae40ef2b0a71e88bc86cecac38e188 corporate/4.0/x86_64/tetex-dvilj-3.0-12.3.20060mlcs4.x86_64.rpm cf6c423a01ffb30206b7ab973576dc05 corporate/4.0/x86_64/tetex-dvipdfm-3.0-12.3.20060mlcs4.x86_64.rpm 7f0758b87f1dd184267010edf2ae49c2 corporate/4.0/x86_64/tetex-dvips-3.0-12.3.20060mlcs4.x86_64.rpm 584677a10b1f4dc829edc38347636ac2 corporate/4.0/x86_64/tetex-latex-3.0-12.3.20060mlcs4.x86_64.rpm f807370e1d34149ec4d3f8db0bb718eb corporate/4.0/x86_64/tetex-mfwin-3.0-12.3.20060mlcs4.x86_64.rpm 30a5829e72c5694d38224cd6f1048684 corporate/4.0/x86_64/tetex-texi2html-3.0-12.3.20060mlcs4.x86_64.rpm 202b14f67f12f4390649a00cd677f5bb corporate/4.0/x86_64/tetex-xdvi-3.0-12.3.20060mlcs4.x86_64.rpm ae70ba2da64fc4bd7ea5e543d3921356 corporate/4.0/x86_64/xmltex-1.9-58.3.20060mlcs4.x86_64.rpm 19ddb7ee7cab54ac851cd5ef399ff77e corporate/4.0/SRPMS/tetex-3.0-12.3.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFr7azmqjQ0CJFipgRAhgjAJwNJwlUAK2S+mIB17aKqmjN8WQJGgCguwgZ h8dpKOT8JiNu1YzvQKYYs/U= =xCS/ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists