Login
Newsletter
Werbung
Sicherheit: Ausführen beliebigen Codes in KDE
Aktuelle Meldungen Distributionen
Name: Ausführen beliebigen Codes in KDE
ID: DSA-284-1
Distribution: Debian
Plattformen: Debian woody
Datum: Mo, 14. April 2003, 13:00
Referenzen: Keine Angabe
Applikationen: KDE Software Compilation

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 284-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
April 12th, 2003                        http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : kdegraphics
Vulnerability  : insecure execution
Problem-Type   : remote
Debian-specific: no

The KDE team discoverd a vulnerability in the way KDE uses Ghostscript
software for processing of PostScript (PS) and PDF files.  An attacker
could provide a malicious PostScript or PDF file via mail or websites
that could lead to executing arbitrary commands under the privileges
of the user viewing the file or when the browser generates a directory
listing with thumbnails.

For the stable distribution (woody) this problem has been fixed in
version 2.2.2-6.11 of kdegraphics and associated packages.

The old stable distribution (potato) is not affected since it does not
contain KDE.

For the unstable distribution (sid) this problem will be fixed soon.

For the unofficial backport of KDE 3.1.1 to woody by Ralf Nolden on
download.kde.org, this problem has been fixed in version 3.1.1-0woody2
of kdegraphics.  Using the normal backport line for apt-get you will
get the update:

  deb http://download.kde.org/stable/latest/Debian stable main

We recommend that you upgrade your kdegraphics and associated packages.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    kdegraphics_2.2.2-6.11.dsc
      Size/MD5 checksum:      980 25ad630efe38bc08f5e5e3d9701d339b
    kdegraphics_2.2.2-6.11.diff.gz
      Size/MD5 checksum:    62853 2763be60d1fe63075a3e2cfbc58c1a27
    kdegraphics_2.2.2.orig.tar.gz
      Size/MD5 checksum:  1640320 4dc8538c4c8dd8b13ef4f8e62446d777

  Alpha architecture:

    kamera_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:    69344 ead494ba413a435b89f7f4f9097f327a
    kcoloredit_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:    94274 805ab834eea22fbd2ae39c64543cf6f1
    kfract_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:    65686 851138254aa4627ebeda515ba13af6dd
    kghostview_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:   166728 065ad1fccffee6272472c8e6347b21f5
    kiconedit_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:   173070 9b9c6c32a42b9e272ace596e15af8b63
    kooka_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:   115634 9f8b3505de3d5ae7e1d6c20405937ed8
    kpaint_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:   113354 4421a849ae3ac4742fa5ec0ccbe88c46
    kruler_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:    49164 a2126e8870b506d46cea65023b7339f5
    ksnapshot_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:    61632 05345ae44993d95185684c8d2d2fbfbe
    kview_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:  1058444 224b803568d6908030ff837e3d8b3215
    libkscan-dev_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:    23286 0ce8fec6e225d381fcbb5cc40be12d49
    libkscan1_2.2.2-6.11_alpha.deb
      Size/MD5 checksum:   125394 812a1ed988165c8275668667edf98883

  ARM architecture:

    kamera_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    60460 e0d5447f6288f5cd5635f28ff6d0d6ca
    kcoloredit_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    75292 77bb160aaa9f40847ee5f947db0109ab
    kfract_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    57642 d7c8ad2299e16b21e2b86ded66adce28
    kghostview_2.2.2-6.11_arm.deb
      Size/MD5 checksum:   147214 9e6e38f8dbd4231e7bf4dddcb270aa89
    kiconedit_2.2.2-6.11_arm.deb
      Size/MD5 checksum:   130088 e373d52324e2dcdcb2aee22ce64f8e4c
    kooka_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    90440 f1854632524921c3152e91e5e69ac3b1
    kpaint_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    90834 c594bb1512e0f6af4459dff115dd5f67
    kruler_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    45766 4741b7d810075ac84788c5027fe96466
    ksnapshot_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    56018 d8a3270978930f1e6192ed01bcd913a8
    kview_2.2.2-6.11_arm.deb
      Size/MD5 checksum:   963000 8787b17833bd896b73569bed265d72da
    libkscan-dev_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    23532 a81c6a96ee7452fe6cad74f4755f390e
    libkscan1_2.2.2-6.11_arm.deb
      Size/MD5 checksum:    92306 e1c35201f860ad439fb6b69b0f09922d

  Intel IA-32 architecture:

    kamera_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    62264 1c226725fc5df268f75833cbc47d9bd2
    kcoloredit_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    76296 522ab166a113f956ff8b940c581b79e5
    kfract_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    56720 e46babbf85c136295fc34822d5e46197
    kghostview_2.2.2-6.11_i386.deb
      Size/MD5 checksum:   147010 d896c8ceb478af975ebf51dd8d94c8b8
    kiconedit_2.2.2-6.11_i386.deb
      Size/MD5 checksum:   129698 afee0ac9f5b6dc8a406c5bbe5e3bf9fb
    kooka_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    92238 dfcd509b0cc8f520307d099b5ce5e3ca
    kpaint_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    92638 8fc4c226abe0c9c9cb495344a78ee137
    kruler_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    46766 b86c623bc705ead12089919d924c34ac
    ksnapshot_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    57236 d06ec4f78e64955e48506d0201aaf3ab
    kview_2.2.2-6.11_i386.deb
      Size/MD5 checksum:   944274 be77ad9763a55ccaec7d929ef73cbdf0
    libkscan-dev_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    23520 121e21b70064657fe9b1456e0202d884
    libkscan1_2.2.2-6.11_i386.deb
      Size/MD5 checksum:    89166 afdb5090b04ae47d180d7b5300d11a61

  Intel IA-64 architecture:

    kamera_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:    86532 6d8321118a0587e6a892900213499bca
    kcoloredit_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:   113442 4e8bfde38915e8a04141ca32e6931f08
    kfract_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:    76590 8a64ff94d5b71e615ab275dd88f11b49
    kghostview_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:   198512 1ae49a4c26ff36a866d817c29555646e
    kiconedit_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:   197848 b7a7c952347bb65244c32c6c7f42c4e3
    kooka_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:   130656 6ea8cbab67d7429593cc64a27e85b833
    kpaint_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:   129416 f90630c49d069f7638977d0294dd06f1
    kruler_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:    53314 6e3c524d9064b74146ee395c0fce3749
    ksnapshot_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:    64064 c12afe56cbf2f2b491868982bbeebc33
    kview_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:  1171890 dddc30d6bf31f79fb0683338136b4198
    libkscan-dev_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:    23520 9ed4c20cc9a6672efa36e2dfdd2f1a55
    libkscan1_2.2.2-6.11_ia64.deb
      Size/MD5 checksum:   134420 d09c7fd638b80230eb8594aae8f9a6a0

  HP Precision architecture:

    kamera_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:    67356 dca919bf97cab28e4a3fa5665861883a
    kcoloredit_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:    92240 fc7fea866ae8f2d345da4462906f5848
    kfract_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:    67518 0f718e1633e10d366ed7ca4d8acc73a2
    kghostview_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:   171924 381d99267f819cb3f62ddacdf939d8fe
    kiconedit_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:   155390 d37e4a698a20759bb65dbb7cbe50c21b
    kpaint_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:   107588 41091b5142c3f78b27e57b27d57e0d43
    kruler_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:    49886 b98f0c7d279330d0277cabdde43b1992
    ksnapshot_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:    60898 083870f12eb6854a1322212d244fbde2
    kview_2.2.2-6.11_hppa.deb
      Size/MD5 checksum:  1075954 49b6b1372090b54de508009aa054973c

  Motorola 680x0 architecture:

    kamera_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    58768 6273e4f275576f5de2e3d2f699746faf
    kcoloredit_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    74628 f51b2b459ed5f89c1592d93e938e69f7
    kfract_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    56222 99b99bd2491769aeccb20674e7235613
    kghostview_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:   143538 8233ce5ac9961a4a038927d77cfa6e44
    kiconedit_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:   127740 9aa088f8f92fd6a1a6a7fd7c3fab705c
    kooka_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    91316 0ea8fc2e98f8c0ff8f7e723f1b0ecf24
    kpaint_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    91312 0e8d26fea7a911b7843897d7a3be4def
    kruler_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    46934 f6c499a6285245399a569e1d9414a14b
    ksnapshot_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    57542 e6c20d9c15cf421fbbc5d5187e3681e7
    kview_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:   942094 de087b9234bc567888cdbb5df0b1258f
    libkscan-dev_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    23542 85b3573505aef0f5166013f3726394ff
    libkscan1_2.2.2-6.11_m68k.deb
      Size/MD5 checksum:    88792 1f45205a14601bf5fc2a6baf20da999c

  Big endian MIPS architecture:

    kamera_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    58066 e2ffd4f726786163399c7d04a5825022
    kcoloredit_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    86840 570a7bea6c6cef3ec3d4c21e94f8be75
    kfract_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    64634 424d8d08ae59214998ad4ef13cd7bd98
    kghostview_2.2.2-6.11_mips.deb
      Size/MD5 checksum:   138994 fdc496bb2227cea8734c8f9a3483eb29
    kiconedit_2.2.2-6.11_mips.deb
      Size/MD5 checksum:   151682 5babfcc211b3395ce6664cbf2981a70d
    kooka_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    97880 f1a3c7ac078f294265d6b58a0b422368
    kpaint_2.2.2-6.11_mips.deb
      Size/MD5 checksum:   102346 f941cada1786ab9c803cfbb8a181427e
    kruler_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    46844 644971455d4aa26aff55fb44a2cbfd4f
    ksnapshot_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    57202 1c7531e955c3e60228e00436536d7d9c
    kview_2.2.2-6.11_mips.deb
      Size/MD5 checksum:   962610 3bc3dccc6f8af2e68684555671495cdb
    libkscan-dev_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    23528 25e2093904e003eea4209d8c2b598e40
    libkscan1_2.2.2-6.11_mips.deb
      Size/MD5 checksum:    91524 abd4bca0ccee1b1f24d6dc09ea17dab4

  Little endian MIPS architecture:

    kamera_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    57414 b9d9547714c2199ae16fbfc1c3db1d21
    kcoloredit_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    85876 8a21e12a625e2c00d891c63f49dd7427
    kfract_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    64272 27d16e43637f4df3a8b8326d229f43ec
    kghostview_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:   137560 aa75cbec43f56909b0e3782b428e349a
    kiconedit_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:   150128 f04a5bd9d892889d30a7523ee226cea7
    kooka_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    96596 15ea4a2a7c557c2bfc17cd11340897d7
    kpaint_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:   101372 96dca01779a65a56e50256ac6b92d272
    kruler_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    46684 ff82e1de318f2f69f746fb72ae638b40
    ksnapshot_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    56920 13c334c3b194a02c0543b11dbd64f215
    kview_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:   958042 596df6ba29c0fe90006d166b49433c5c
    libkscan-dev_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    23522 0b49178ddcaa6f787c477572dab1e510
    libkscan1_2.2.2-6.11_mipsel.deb
      Size/MD5 checksum:    90476 9cc4d507eb84764a830187f19dd31480

  PowerPC architecture:

    kamera_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    60200 fe42f4f3c5283b6ebba021244c351c37
    kcoloredit_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    74418 969326215d9b3a390c3d77fe90247091
    kfract_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    56602 b6422d0587f95817fa54e4a490aa2710
    kghostview_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:   147292 5f8155e5e29714514a62f18ca3dc5bdc
    kiconedit_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:   129236 23e200984f490ef4441357fb5d0d906e
    kooka_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    89696 45ff423932f6c21aea4a1f7172eb76ce
    kpaint_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    89614 36996c0f1a9312af49047d6514875841
    kruler_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    45486 b6cdd9ed8ab94c538966337dc927f62b
    ksnapshot_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    55876 80fcc61abe63fc7a3f864053a6bc4247
    kview_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:   961300 0312c06e00333c77294d8da03c83c9d0
    libkscan-dev_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    23524 e339ebc705097d571a12829d4759274b
    libkscan1_2.2.2-6.11_powerpc.deb
      Size/MD5 checksum:    93316 9cbc10d6f6b366754934916bb649f4b7

  IBM S/390 architecture:

    kamera_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    62570 55da987a91d4083bba3d8442d7d9aa53
    kcoloredit_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    78682 9de4ed737369b62692694411f4cd5d5b
    kfract_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    59194 ba92a318c29dca178c4efdae5eeb577d
    kghostview_2.2.2-6.11_s390.deb
      Size/MD5 checksum:   148838 d69fd4f06de8931d11f1838bd5cc0c8a
    kiconedit_2.2.2-6.11_s390.deb
      Size/MD5 checksum:   135260 55ac163561f7405b9e5b7792194291af
    kooka_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    97000 f38254d101b3b33a2a901b6a610394c4
    kpaint_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    93018 817862c0b8d669309c97c7985692e39f
    kruler_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    48180 74615c869ad7a373e4bbfe3bc5e70067
    ksnapshot_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    58574 a5db9a7afabc145fc871ee7858089a24
    kview_2.2.2-6.11_s390.deb
      Size/MD5 checksum:   984092 2e607a41e13694288e2e0d7f8c7a0270
    libkscan-dev_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    23522 af53efdc94c48d068eff4d165a59e811
    libkscan1_2.2.2-6.11_s390.deb
      Size/MD5 checksum:    98452 28c7170abae8d09cd320034cd71b3fbb

  Sun Sparc architecture:

    kamera_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    60530 6997a2c2351a5216f1d0621d9d29cd6e
    kcoloredit_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    76608 1242e7c6421285770fca17e2ef2dd14d
    kfract_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    58558 0d21f84e80443f4e7e0b35fea6d734e0
    kghostview_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:   148928 a0b09000eedec7528e898de5f7db5fe4
    kiconedit_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:   133096 07c8b1397f370c8068c75e82eb7167dc
    kooka_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    93074 520c32af98a0656c9d3f5e60de9832b6
    kpaint_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    92414 a92390a8b27836a05003097a5c81d363
    kruler_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    46722 97ac931faf421d1812913875893ff400
    ksnapshot_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    57006 79495620e456f93dc823b6c38a23f831
    kview_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:   967930 a79dad458674f556cf008fcd6f616620
    libkscan-dev_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    23520 b36c53084e2a3166e33feb2828155f8c
    libkscan1_2.2.2-6.11_sparc.deb
      Size/MD5 checksum:    93126 5e21dc42910da30200758d212f685680


  These files will probably be moved into the stable distribution on
  its next revision.

--------------------------------------------------------------------------------
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+l86JW5ql+IAeqTIRAl0lAKCnfLARjPlw9R5+N5j7qsasaEjXnACdFCyH
9G4+B6OBDCL73nJrQhYpqaY=
=xXzJ
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung