<<< Date Index >>>     <<< Thread Index >>>

MDKSA-2006:008 - Updated koffice packages fix several vulnerabilities



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:008
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : koffice
 Date    : January 6, 2006
 Affected: 2006.0
 _______________________________________________________________________
 
 Problem Description:
 
 Multiple heap-based buffer overflows in the
 DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions
 in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier,
 allow user-complicit attackers to cause a denial of service (heap
 corruption) and possibly execute arbitrary code via a crafted  PDF file
 with an out-of-range number of components (numComps), which is used as
 an array index. (CVE-2005-3191)
  
 Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01
 allows remote attackers to execute arbitrary code via a PDF file with
 an out-of-range numComps (number of components) field. (CVE-2005-3192)
 
 Heap-based buffer overflow in the JPXStream::readCodestream function
 in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier
 allows user-complicit attackers to cause a denial of service (heap
 corruption) and possibly execute arbitrary code via a crafted PDF file
 with large size values that cause insufficient memory to be allocated.
 (CVE-2005-3193)
 
 An additional patch re-addresses memory allocation routines in
 goo/gmem.c (Martin Pitt/Canonical, Dirk Mueller/KDE). 
 
 In addition, Chris Evans discovered several other vulnerbilities in
 the xpdf code base:
 
  Out-of-bounds heap accesses with large or negative parameters to 
   "FlateDecode" stream. (CVE-2005-3192)
 
  Out-of-bounds heap accesses with large or negative parameters to
   "CCITTFaxDecode" stream. (CVE-2005-3624)
 
  Infinite CPU spins in various places when stream ends unexpectedly.
   (CVE-2005-3625) 
 
  NULL pointer crash in the "FlateDecode" stream. (CVE-2005-3626)
 
  Overflows of compInfo array in "DCTDecode" stream. (CVE-2005-3627)
 
  Possible to use index past end of array in "DCTDecode" stream.
   (CVE-2005-3627)
 
  Possible out-of-bounds indexing trouble in "DCTDecode" stream.
   (CVE-2005-3627)
 
 Koffice uses an embedded copy of the xpdf code, with the same
 vulnerabilities.
 
 The updated packages have been patched to correct these problems.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 5decbf029bf4482d1f93ea0df446121f  
2006.0/RPMS/koffice-1.4.2-11.2.20060mdk.i586.rpm
 2aca3ec22b051466aeb57c82b26d12aa  
2006.0/RPMS/koffice-karbon-1.4.2-11.2.20060mdk.i586.rpm
 f39b2a5a7ef35a0f579a0055b1c429c4  
2006.0/RPMS/koffice-kexi-1.4.2-11.2.20060mdk.i586.rpm
 caab0530fcfcf10ec5913e7b101541c6  
2006.0/RPMS/koffice-kformula-1.4.2-11.2.20060mdk.i586.rpm
 0a3732921e20069fd3b5cbac8c4733a9  
2006.0/RPMS/koffice-kivio-1.4.2-11.2.20060mdk.i586.rpm
 e4d711f1487f3716f19527950bb64283  
2006.0/RPMS/koffice-koshell-1.4.2-11.2.20060mdk.i586.rpm
 f5013764806edfcf9a31503b613459a2  
2006.0/RPMS/koffice-kpresenter-1.4.2-11.2.20060mdk.i586.rpm
 668a7eb653da4db18b2e1c9daefb7e94  
2006.0/RPMS/koffice-krita-1.4.2-11.2.20060mdk.i586.rpm
 ebb18a9011e702f01718c4c2b4d759e1  
2006.0/RPMS/koffice-kspread-1.4.2-11.2.20060mdk.i586.rpm
 89a8d46e5768595584fcdbe307add521  
2006.0/RPMS/koffice-kugar-1.4.2-11.2.20060mdk.i586.rpm
 1e9b58585bf742239b210e8519ed0d8f  
2006.0/RPMS/koffice-kword-1.4.2-11.2.20060mdk.i586.rpm
 e5e19df847dc2693066a922f73b42c50  
2006.0/RPMS/koffice-progs-1.4.2-11.2.20060mdk.i586.rpm
 fa63274a949dd60692888f515606f079  
2006.0/RPMS/libkoffice2-karbon-1.4.2-11.2.20060mdk.i586.rpm
 8bedc58288b05ffb3134c07b7d46a118  
2006.0/RPMS/libkoffice2-karbon-devel-1.4.2-11.2.20060mdk.i586.rpm
 681887908face81c17a37ca00d6c6022  
2006.0/RPMS/libkoffice2-kexi-1.4.2-11.2.20060mdk.i586.rpm
 eab5ad72e95f108b923f3bf32bbe10f5  
2006.0/RPMS/libkoffice2-kexi-devel-1.4.2-11.2.20060mdk.i586.rpm
 7e4b3718e863d0f66f2b7daca2a25f83  
2006.0/RPMS/libkoffice2-kformula-1.4.2-11.2.20060mdk.i586.rpm
 bad0d716230bad4a9fe0ae27017b0ef7  
2006.0/RPMS/libkoffice2-kformula-devel-1.4.2-11.2.20060mdk.i586.rpm
 077a3368bef791e1105ba82e41424847  
2006.0/RPMS/libkoffice2-kivio-1.4.2-11.2.20060mdk.i586.rpm
 8091986d4999e3a702db1139c4cd1ac1  
2006.0/RPMS/libkoffice2-kivio-devel-1.4.2-11.2.20060mdk.i586.rpm
 74eee88d1cafaab8ff4bbbe9717a0e6c  
2006.0/RPMS/libkoffice2-koshell-1.4.2-11.2.20060mdk.i586.rpm
 25524a101fb458bfa15bf56706f1d02d  
2006.0/RPMS/libkoffice2-kpresenter-1.4.2-11.2.20060mdk.i586.rpm
 e37ecf1e3aa338df37fa210aaf7822dd  
2006.0/RPMS/libkoffice2-krita-1.4.2-11.2.20060mdk.i586.rpm
 cb1a07a6c9da09e6db6a506d8875daf8  
2006.0/RPMS/libkoffice2-krita-devel-1.4.2-11.2.20060mdk.i586.rpm
 d1594075f9152ac891bb1bf2c3348770  
2006.0/RPMS/libkoffice2-kspread-1.4.2-11.2.20060mdk.i586.rpm
 5f026461f8fba599df483bbaefcf8b23  
2006.0/RPMS/libkoffice2-kspread-devel-1.4.2-11.2.20060mdk.i586.rpm
 897cbd506eb32b4cfecd6d4430cf217a  
2006.0/RPMS/libkoffice2-kugar-1.4.2-11.2.20060mdk.i586.rpm
 7f4a36c89f799e2f6bf19e1bd9264f89  
2006.0/RPMS/libkoffice2-kugar-devel-1.4.2-11.2.20060mdk.i586.rpm
 3fe5da8dc83ca866d6ae3a2eb21ff0f0  
2006.0/RPMS/libkoffice2-kword-1.4.2-11.2.20060mdk.i586.rpm
 242ea66e5928964417859b1a26b665f8  
2006.0/RPMS/libkoffice2-kword-devel-1.4.2-11.2.20060mdk.i586.rpm
 264f937ee2f1678245d3786fb449a1e5  
2006.0/RPMS/libkoffice2-progs-1.4.2-11.2.20060mdk.i586.rpm
 6fc8f4494593692a215e6ace8bfc1112  
2006.0/RPMS/libkoffice2-progs-devel-1.4.2-11.2.20060mdk.i586.rpm
 d1aa09f80b3e57ecfd60f0a7e263094a  
2006.0/SRPMS/koffice-1.4.2-11.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 895d2918a4723f99eb839c4d27306406  
x86_64/2006.0/RPMS/koffice-1.4.2-11.2.20060mdk.x86_64.rpm
 e24e0e322dfe02f73c5d1b0571158cf2  
x86_64/2006.0/RPMS/koffice-karbon-1.4.2-11.2.20060mdk.x86_64.rpm
 e22a93254fd15c0a7b672a1c6bcb91a0  
x86_64/2006.0/RPMS/koffice-kexi-1.4.2-11.2.20060mdk.x86_64.rpm
 39dcd78e2747823f30364a789a7d1193  
x86_64/2006.0/RPMS/koffice-kformula-1.4.2-11.2.20060mdk.x86_64.rpm
 c726114646f5fe94121cc2e48a4647b5  
x86_64/2006.0/RPMS/koffice-kivio-1.4.2-11.2.20060mdk.x86_64.rpm
 bfcdebd6ced8553c1a7eb6ea1ffddbb9  
x86_64/2006.0/RPMS/koffice-koshell-1.4.2-11.2.20060mdk.x86_64.rpm
 5f4d36c6c03dec33f6f88346fe1c8c11  
x86_64/2006.0/RPMS/koffice-kpresenter-1.4.2-11.2.20060mdk.x86_64.rpm
 515f8db1ae75c28717a7ed8b7475278f  
x86_64/2006.0/RPMS/koffice-krita-1.4.2-11.2.20060mdk.x86_64.rpm
 4cfe74acd379f314f6ff2845920b64b7  
x86_64/2006.0/RPMS/koffice-kspread-1.4.2-11.2.20060mdk.x86_64.rpm
 6ec357843424d14fadbd457e49fc3c34  
x86_64/2006.0/RPMS/koffice-kugar-1.4.2-11.2.20060mdk.x86_64.rpm
 ac0a4544be03c14981d165c83dd0893e  
x86_64/2006.0/RPMS/koffice-kword-1.4.2-11.2.20060mdk.x86_64.rpm
 1a6ddfd8cdde5c9fc9c23fa58e55a7e2  
x86_64/2006.0/RPMS/koffice-progs-1.4.2-11.2.20060mdk.x86_64.rpm
 9bf5725e0a5b369653bd579c6be151e6  
x86_64/2006.0/RPMS/lib64koffice2-karbon-1.4.2-11.2.20060mdk.x86_64.rpm
 bb80a747c3ba10682967664d58d5a3dc  
x86_64/2006.0/RPMS/lib64koffice2-karbon-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 8f7003b51389274cec77c0eaa4f620a1  
x86_64/2006.0/RPMS/lib64koffice2-kexi-1.4.2-11.2.20060mdk.x86_64.rpm
 b0058d2ffe854eb0fc7f6d3694b2cf0c  
x86_64/2006.0/RPMS/lib64koffice2-kexi-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 0c2dfe7985b8d29b11fb6d5f3bc5f187  
x86_64/2006.0/RPMS/lib64koffice2-kformula-1.4.2-11.2.20060mdk.x86_64.rpm
 fe64e075b725f2003ad4b3b75e633815  
x86_64/2006.0/RPMS/lib64koffice2-kformula-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 1ce7238b2d8494313df1f71cb5ab45ee  
x86_64/2006.0/RPMS/lib64koffice2-kivio-1.4.2-11.2.20060mdk.x86_64.rpm
 4a64f4ef06c4404f7d77685d195c11ba  
x86_64/2006.0/RPMS/lib64koffice2-kivio-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 92fea6a7449391fc2c35e02044d03e83  
x86_64/2006.0/RPMS/lib64koffice2-koshell-1.4.2-11.2.20060mdk.x86_64.rpm
 a99e683d8c5585df998d5735d4c01f7d  
x86_64/2006.0/RPMS/lib64koffice2-kpresenter-1.4.2-11.2.20060mdk.x86_64.rpm
 5f19278c29cf6656d9a56ef39f14d145  
x86_64/2006.0/RPMS/lib64koffice2-krita-1.4.2-11.2.20060mdk.x86_64.rpm
 930b637523e583344c0303844496e768  
x86_64/2006.0/RPMS/lib64koffice2-krita-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 880b0863b0c0f0ddcde22207abac3164  
x86_64/2006.0/RPMS/lib64koffice2-kspread-1.4.2-11.2.20060mdk.x86_64.rpm
 cd0b2c995b2ef8c9f90dbb35349b1b95  
x86_64/2006.0/RPMS/lib64koffice2-kspread-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 d4fa15a626d04a31222c596e9b0781a3  
x86_64/2006.0/RPMS/lib64koffice2-kugar-1.4.2-11.2.20060mdk.x86_64.rpm
 0562292a610452f83c5070791aeac977  
x86_64/2006.0/RPMS/lib64koffice2-kugar-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 ecc6a0c00d8c9160400db4c1698a918e  
x86_64/2006.0/RPMS/lib64koffice2-kword-1.4.2-11.2.20060mdk.x86_64.rpm
 0b87a74b84ed37b1d95e5a61247bbe39  
x86_64/2006.0/RPMS/lib64koffice2-kword-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 5935898f0e48d386a8f50d1be0f39e62  
x86_64/2006.0/RPMS/lib64koffice2-progs-1.4.2-11.2.20060mdk.x86_64.rpm
 f96c5fd8d1e3366a3bef48ef49d52559  
x86_64/2006.0/RPMS/lib64koffice2-progs-devel-1.4.2-11.2.20060mdk.x86_64.rpm
 d1aa09f80b3e57ecfd60f0a7e263094a  
x86_64/2006.0/SRPMS/koffice-1.4.2-11.2.20060mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDvs3umqjQ0CJFipgRAsQWAKDhkKglUv6U7HiqveMCZl+UYqSnKQCfRF1P
VZDGDCNSiLOLUNqpi69LYE8=
=ZQ9V
-----END PGP SIGNATURE-----