Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in gpdf
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in gpdf
ID: DTSA-28-1
Distribution: Debian Testing
Plattformen: Debian testing
Datum: Mi, 25. Januar 2006, 21:25
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
Applikationen: GNOME

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Testing Security Advisory DTSA-28-1              January 25th, 2005
secure-testing-team@lists.alioth.debian.org                  Neil McGovern
http://secure-testing-master.debian.net/
- --------------------------------------------------------------------------

Package        : gpdf
Vulnerability  : multiple vulnerabilities
Problem-Scope  : local/user-initiated
Debian-specific: No
CVE ID         : CVE-2005-2097 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625
                 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628 


Multiple security holes have been found in the xpdf library which gpdf embeds:

CVE-2005-2097
  xpdf does not properly validate the "loca" table in PDF files, which
 allows
  local users to cause a denial of service (disk consumption and hang) via a
  PDF file with a "broken" loca table, which causes a large temporary
 file to
  be created when xpdf attempts to reconstruct the information. 
  
CVE-2005-3193
  Heap-based buffer overflow in the JPXStream::readCodestream function in the
  JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier allows
  user-complicit attackers to cause a denial of service (heap corruption) and
  possibly execute arbitrary code via a crafted PDF file with large size values
  that cause insufficient memory to be allocated.
  
CVE-2005-3624
  The CCITTFaxStream::CCITTFaxStream function in Stream.cc for gpdf allows
  attackers to corrupt the heap via negative or large integers in a
  CCITTFaxDecode stream, which lead to integer overflows and integer
  underflows.
  
CVE-2005-3625
  Xpdf allows attackers to cause a denial of service (infinite loop) via
  streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode
  and (2) DCTDecode streams, aka "Infinite CPU spins."
  
CVE-2005-3626
  Xpdf allows attackers to cause a denial of service (crash) via a crafted
  FlateDecode stream that triggers a null dereference.
  
CVE-2005-3627
  Stream.cc in Xpdf allows attackers to modify memory and possibly execute
  arbitrary code via a DCTDecode stream with (1) a large "number of
 components"
  value that is not checked by DCTStream::readBaselineSOF or
  DCTStream::readProgressiveSOF, (2) a large "Huffman table index"
 value that
  is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the
  scanInfo.numComps value by DCTStream::readScanInfo.
  
CVE-2005-3628
  Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in
  Xpdf allows attackers to modify memory and possibly execute arbitrary code
  via unknown attack vectors.

Please note, these issues have already been fixed in stable from the following
security announcements:
DSA-780-1, DSA-931-1, DSA-932-1, DSA-936-1, DSA-937-1, DSA-938-1, DSA-940-1,
DSA-950-1

For the testing distribution (etch) this is fixed in version
2.10.0-1+etch1

For the unstable distribution (sid) this is fixed in version
2.10.0-2

This upgrade is recommended if you use gpdf.

The Debian testing security team does not track security issues for the
stable (sarge) and oldstable (woody) distributions. If stable is vulnerable,
the Debian security team will make an announcement once a fix is ready.

Upgrade Instructions
- --------------------

To use the Debian testing security archive, add the following lines to
your /etc/apt/sources.list:

deb http://secure-testing.debian.net/debian-secure-testingetch/security-updates main contrib non-free
deb-src http://secure-testing.debian.net/debian-secure-testingetch/security-updates main contrib non-free

Run the following command as root to make apt trust this repository:

wget http://secure-testing-master.debian.net/ziyi-2005-7.asc-O - | sudo apt-key add -

To install the update, run this command as root:

apt-get update && apt-get install gpdf

For further information about the Debian testing security team, please refer
to http://secure-testing-master.debian.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD190P97LBwbNFvdMRAsRPAJ9EF6Thw6ffpgDf6LA3ZBypf8cI2QCggrdR
VQt9Z7c1/4izDUSsJxnzLEQ=
=ol6E
-----END PGP SIGNATURE-----

_______________________________________________
secure-testing-announce mailing list
secure-testing-announce@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung