[SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution
From: joey@xxxxxxxxxxxx (Martin Schulze)
Date: Thu, 25 Nov 2004 15:48:24 +0100 (CET)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mail-followup-to: bugtraq@xxxxxxxxxxxxxxxxx
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Old-return-path: <joey@xxxxxxxxxxxx>
Priority: urgent
Reply-to: listadmin@xxxxxxxxxxxxxxxxx
Resent-cc: recipient list not shown: ;
Resent-date: Thu, 25 Nov 2004 08:57:19 -0600 (CST)
Resent-from: list@xxxxxxxxxxxxxxxxx (SmartList)
Resent-message-id: <sgxrq.A.FoE.PLfpBB@murphy>
User-agent: dsa-launch $Revision: 1.14 $

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 599-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Martin Schulze
November 25th, 2004                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : tetex-bin
Vulnerability  : integer overflows
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0888
Debian Bug     : 278298

Chris Evans discovered several integer overflows in xpdf, that are
also present in tetex-bin, binary files for the teTeX distribution,
which can be exploited remotely by a specially crafted PDF document
and lead to the execution of arbitrary code.

For the stable distribution (woody) these problems have been fixed in
version 20011202-7.3.

For the unstable distribution (sid) these problems have been fixed in
version 2.0.2-23.

We recommend that you upgrade your tetex-bin packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3.dsc
      Size/MD5 checksum:      874 0774ffbc5e428a21939d7d10070ef12b
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3.tar.gz
      Size/MD5 checksum: 10329770 9ffa7015b10981c3524e8d6147f2c077

  Alpha architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_alpha.deb
      Size/MD5 checksum:    84664 7b82ef947ccbd60c57e31fa1cdbceeae
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_alpha.deb
      Size/MD5 checksum:    53042 e14d212ec7d9a21859b443ea11210d12
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_alpha.deb
      Size/MD5 checksum:  4568870 d8a00aedde830f02a46f70ae97bcdfbc

  ARM architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_arm.deb
      Size/MD5 checksum:    65256 c7fb486f0e58d6f90a080313ade6d980
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_arm.deb
      Size/MD5 checksum:    43610 acf504677a35232f075cb6368cb73c4f
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_arm.deb
      Size/MD5 checksum:  3703874 25b4e1d62d2b010382bb74e610f7de32

  Intel IA-32 architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_i386.deb
      Size/MD5 checksum:    62598 6c11adfac9cbe8007aa89fa91bef57da
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_i386.deb
      Size/MD5 checksum:    40742 afda3a9de40083b9fb4a9d92a57749f3
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_i386.deb
      Size/MD5 checksum:  3137234 898331b25326db5114be3fde93b191d1

  Intel IA-64 architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_ia64.deb
      Size/MD5 checksum:    89716 c18229e93ad1bcd55a4baf9236798545
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_ia64.deb
      Size/MD5 checksum:    63354 67c881d278113cd980dcfba6b52b2b1a
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_ia64.deb
      Size/MD5 checksum:  5598790 7e42e2710c659668fd6cb49ee73d333d

  HP Precision architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_hppa.deb
      Size/MD5 checksum:    79336 56b55b712e71ff618a1f861fe79ec21c
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_hppa.deb
      Size/MD5 checksum:    49324 8577bdb403711604e3ff31cef86a9f1a
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_hppa.deb
      Size/MD5 checksum:  4106740 0f07a18dd4762a7d4bd5ea0881b8a80e

  Motorola 680x0 architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_m68k.deb
      Size/MD5 checksum:    61894 645b35f6e1d139a50f2fbd33be3c985b
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_m68k.deb
      Size/MD5 checksum:    41370 7b6ce68854bf90f1914f90d386a83dcf
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_m68k.deb
      Size/MD5 checksum:  2923076 de62311a6c75ca949adf65b09c5d0722
  Big endian MIPS architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_mips.deb
      Size/MD5 checksum:    75110 725f811a3b30630c84fa63137eca473d
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_mips.deb
      Size/MD5 checksum:    42380 a89bb43e57cfb784e5b9193177c7894e
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_mips.deb
      Size/MD5 checksum:  3941306 2e93d929facb57b8a3500780c00c2335

  Little endian MIPS architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_mipsel.deb
      Size/MD5 checksum:    74908 973bf6cec0fd0f972d1e159e1565953c
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_mipsel.deb
      Size/MD5 checksum:    42592 360874783cafee5a52b11a9f34cca859
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_mipsel.deb
      Size/MD5 checksum:  3899668 a8f1b96d1cd98bbb47ab0a685d719695

  PowerPC architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_powerpc.deb
      Size/MD5 checksum:    73942 631231dd210da928ae371d327d1d9c19
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_powerpc.deb
      Size/MD5 checksum:    45282 0452f97d7b0fa7d385c2bbe1f7f9010f
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_powerpc.deb
      Size/MD5 checksum:  3587232 c4895e69f2428a9641418ebc751fe7d3

  IBM S/390 architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_s390.deb
      Size/MD5 checksum:    64264 a1d4534009c6c82335c5231869b921d9
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_s390.deb
      Size/MD5 checksum:    43760 ead82804aaee31f3ba40d98d6d11ed7b
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_s390.deb
      Size/MD5 checksum:  3441172 8ca00fddab7f9c3c612e6ac3db9889a4

  Sun Sparc architecture:

    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_sparc.deb
      Size/MD5 checksum:    70710 d0e1d6a50ca4dfbe852445d6b49b1a40
    
http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_sparc.deb
      Size/MD5 checksum:    48748 907d98a1136cfd90f0678497728885d0
    
http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_sparc.deb
      Size/MD5 checksum:  3598666 0deea34aef2ec55cb04eb8f93204d2f2


  These files will probably be moved into the stable distribution on
  its next update.

- 
---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security 
dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBpfC4W5ql+IAeqTIRAkfJAJ0WxP0zV5CTgCOBQFLHRwiLsRUCvwCgkTQt
AYT6xca57KtGVtMIKxy6HXk=
=M2UP
-----END PGP SIGNATURE-----

Prev by Date: Atari800 - local root.
Next by Date: [ GLSA 200411-32 ] phpBB: Remote command execution
Previous by thread: Atari800 - local root.
Next by thread: [ GLSA 200411-32 ] phpBB: Remote command execution
Index(es):
- Date
- Thread