Login
Newsletter
Werbung
Sicherheit: Zahlenüberlauf in tetex-bin
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in tetex-bin
ID: DSA-1350-1
Distribution: Debian
Plattformen: Debian sarge
Datum: Mo, 6. August 2007, 19:37
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
Applikationen: teTeX

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1350-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
August 6th, 2007                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : tetex-bin
Vulnerability  : integer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2007-3387

It was discovered that an integer overflow in the xpdf PDF viewer may lead
to the execution of arbitrary code if a malformed PDF file is opened.

tetex-bin includes a copy of the xpdf code and required an update as
well.

For the oldstable distribution (sarge) this problem has been fixed in
version 2.0.2-30sarge5.

The package from the stable distribution (etch) links dynamically
against libpoppler and doesn't require a separate update.

The package from the unstable distribution (sid) links dynamically
against libpoppler and doesn't require a separate update.

We recommend that you upgrade your tetex-bin packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    tetex-bin_2.0.2-30sarge5.dsc
      Size/MD5 checksum:     1004 408dc2085cdba46890456dd0994466ed
    tetex-bin_2.0.2-30sarge5.diff.gz
      Size/MD5 checksum:   162289 af8ba42d1ba901a866f8a9a3be169a8d
    tetex-bin_2.0.2.orig.tar.gz
      Size/MD5 checksum: 11677169 8f02d5940bf02072ce5fe05429c90e63

  Alpha architecture:

    libkpathsea-dev_2.0.2-30sarge5_alpha.deb
      Size/MD5 checksum:    90938 d8159c21d95fe23977f3f04293e05d2b
    libkpathsea3_2.0.2-30sarge5_alpha.deb
      Size/MD5 checksum:    65658 8499ce76230803e3e8ca57f74d3ddc1a
    tetex-bin_2.0.2-30sarge5_alpha.deb
      Size/MD5 checksum:  5191902 e59ace42020339489e5dce272346937d

  AMD64 architecture:

    libkpathsea-dev_2.0.2-30sarge5_amd64.deb
      Size/MD5 checksum:    72760 c74b0d671d1e598133ccbabba4b055d0
    libkpathsea3_2.0.2-30sarge5_amd64.deb
      Size/MD5 checksum:    61976 18539f87cc4ca768e94812dd82a4ba92
    tetex-bin_2.0.2-30sarge5_amd64.deb
      Size/MD5 checksum:  4357092 c343a5100fa62f02fea94cb8298d1dfe

  ARM architecture:

    libkpathsea-dev_2.0.2-30sarge5_arm.deb
      Size/MD5 checksum:    67792 56ead90cbac34f20bbd3a9c561d8e766
    libkpathsea3_2.0.2-30sarge5_arm.deb
      Size/MD5 checksum:    58222 9615aad9835cf82cda04c2270b23bcc6
    tetex-bin_2.0.2-30sarge5_arm.deb
      Size/MD5 checksum:  4300932 797d1b12e5c33b994b54ea3ed0e56605

  HP Precision architecture:

    libkpathsea-dev_2.0.2-30sarge5_hppa.deb
      Size/MD5 checksum:    78298 b02ebc84baf40bdf85bdd095259a6fc0
    libkpathsea3_2.0.2-30sarge5_hppa.deb
      Size/MD5 checksum:    66718 fc8516836487be2143681dde8a547afa
    tetex-bin_2.0.2-30sarge5_hppa.deb
      Size/MD5 checksum:  4613010 8a86c1ff20b5e7d796f4729688b38846

  Intel IA-32 architecture:

    libkpathsea-dev_2.0.2-30sarge5_i386.deb
      Size/MD5 checksum:    66214 9cdb34e878a67780bb6495585ef14db7
    libkpathsea3_2.0.2-30sarge5_i386.deb
      Size/MD5 checksum:    59248 591ed69f05d3a395c0e438bbe046db12
    tetex-bin_2.0.2-30sarge5_i386.deb
      Size/MD5 checksum:  3939528 d352ae38e2349e355e5da81651fcbb81

  Intel IA-64 architecture:

    libkpathsea-dev_2.0.2-30sarge5_ia64.deb
      Size/MD5 checksum:    89818 194a8c9d3fdbdb2de3a1132cfc5fefd8
    libkpathsea3_2.0.2-30sarge5_ia64.deb
      Size/MD5 checksum:    73578 98b1887daec4d21c5f6541a4857f2765
    tetex-bin_2.0.2-30sarge5_ia64.deb
      Size/MD5 checksum:  5909754 72b1fc89df3534e940f0c276ac30e834

  Motorola 680x0 architecture:

    libkpathsea-dev_2.0.2-30sarge5_m68k.deb
      Size/MD5 checksum:    63570 c28eb2d915d1993744a07c6110634370
    libkpathsea3_2.0.2-30sarge5_m68k.deb
      Size/MD5 checksum:    58802 e5c73af748d2c66f038b5f52929d938a
    tetex-bin_2.0.2-30sarge5_m68k.deb
      Size/MD5 checksum:  3601196 49dd7766842ec386c1a62685079c80ed

  Big endian MIPS architecture:

    libkpathsea-dev_2.0.2-30sarge5_mips.deb
      Size/MD5 checksum:    75566 e8c8a8f53f4aab6029f7e92b5994247d
    libkpathsea3_2.0.2-30sarge5_mips.deb
      Size/MD5 checksum:    59274 2ec0a1573e3e1aa68a7f71177616b61b
    tetex-bin_2.0.2-30sarge5_mips.deb
      Size/MD5 checksum:  4603054 b05d0400b14e006284b383364dcdb609

  Little endian MIPS architecture:

    libkpathsea-dev_2.0.2-30sarge5_mipsel.deb
      Size/MD5 checksum:    75536 342424bab48f7baa4a28dd033ade7a89
    libkpathsea3_2.0.2-30sarge5_mipsel.deb
      Size/MD5 checksum:    59504 aa940915c0a195a5fa6bc7dcdcddd796
    tetex-bin_2.0.2-30sarge5_mipsel.deb
      Size/MD5 checksum:  4559858 1c2999179723139ef15ce8fac0094ab3

  PowerPC architecture:

    libkpathsea-dev_2.0.2-30sarge5_powerpc.deb
      Size/MD5 checksum:    74908 827173cc664bccc030eb1e8607f2e5de
    libkpathsea3_2.0.2-30sarge5_powerpc.deb
      Size/MD5 checksum:    63436 b53beaa55824df5c86230ee76a58f46a
    tetex-bin_2.0.2-30sarge5_powerpc.deb
      Size/MD5 checksum:  4382190 19f6451563e03f4847cf7b548b822273

  IBM S/390 architecture:

    libkpathsea-dev_2.0.2-30sarge5_s390.deb
      Size/MD5 checksum:    71830 7f4ab010974b161ebb3e43e4fa946571
    libkpathsea3_2.0.2-30sarge5_s390.deb
      Size/MD5 checksum:    63692 21ba0cfb5d848ee8db9a84c0d1d90cbc
    tetex-bin_2.0.2-30sarge5_s390.deb
      Size/MD5 checksum:  4269382 8d527032ff17054e05f2030e76e0d20f

  Sun Sparc architecture:

    libkpathsea-dev_2.0.2-30sarge5_sparc.deb
      Size/MD5 checksum:    70016 db4e0ff13dc82882a8af0ab231439d80
    libkpathsea3_2.0.2-30sarge5_sparc.deb
      Size/MD5 checksum:    61066 715b8af76681d9d491f538011b75fa26
    tetex-bin_2.0.2-30sarge5_sparc.deb
      Size/MD5 checksum:  4157218 e2f76ec4340abd8f99aa44c941a87dea


  These files will probably be moved into the oldstable distribution on
  its next update.

-
 ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGt1rYXm3vHE4uyloRAgDsAKDoUXmnJ3RQySW/8M42AIqZkBL/nACfXCTB
65bBxkPu0KG9yJTONnNgFQ4=
=JSxH
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung