<<< Date Index >>>     <<< Thread Index >>>

[SECURITY] [DSA 1390-1] New t1lib packages fix arbitrary code execution



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1390-1                security@xxxxxxxxxx
http://www.debian.org/security/                         Noah Meyerhans
October 18, 2007                    http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : t1lib
Vulnerability  : buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE Id(s)      : CVE-2007-4033
Debian Bug     : 439927

Hamid Ebadi has discovered a buffer overflow the
intT1_Env_GetCompletePath routine in t1lib, a Type 1 font rasterizer
library.  This flaw could allow an attacker to crash and application
using the t1lib shared libraries, and potentially execute arbitrary code
within such an application's security context.

For the stable distribution (etch), this problem has been fixed in
version 5.1.0-2etch1

For the old stable distribution (sarge), this problem has been fixed in
version 5.0.2-3sarge1

We recommend that you upgrade your t1lib package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian 3.1 (oldstable)
- ----------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, 
mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/t/t1lib/t1lib_5.0.2.orig.tar.gz
    Size/MD5 checksum:  1697086 cc5d4130b25bb8a1c930488b78930e9b
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib_5.0.2-3sarge1.diff.gz
    Size/MD5 checksum:   315328 73b04c0083681da97813ced3783dbd02
  http://security.debian.org/pool/updates/main/t/t1lib/t1lib_5.0.2-3sarge1.dsc
    Size/MD5 checksum:      717 d82a7a9aaeca3868a1c01f3588a59137

Architecture independent packages:

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-doc_5.0.2-3sarge1_all.deb
    Size/MD5 checksum:   607008 9f58a16450cc7c2ccd7477cc04c30fac

alpha architecture (DEC Alpha)

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_alpha.deb
    Size/MD5 checksum:    55804 c5a1e15a9e13fb2ba0d85bcc943f6c6c
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_alpha.deb
    Size/MD5 checksum:   171702 0ac97fe5a81fe188e6bd1ff0fc41baa8
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_alpha.deb
    Size/MD5 checksum:   250490 e06881a3fa3c1a75e4a0f5a4c3b1ec4d

amd64 architecture (AMD x86_64 (AMD64))

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_amd64.deb
    Size/MD5 checksum:    57148 0a0b216df77ba48431a63ebbedc0233c
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_amd64.deb
    Size/MD5 checksum:   155504 51b66ac279d7c9fb4ea053aa6cc7aa2d
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_amd64.deb
    Size/MD5 checksum:   186478 7c929716eaafbff8ee664e5836fcd864

hppa architecture (HP PA RISC)

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_hppa.deb
    Size/MD5 checksum:    58626 6aee72f7f31daecfb528ee1986984b29
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_hppa.deb
    Size/MD5 checksum:   173154 d0617135ef8abf2d326e1ed99ed24f79
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_hppa.deb
    Size/MD5 checksum:   209586 fed03ca1e54caca0e601617392271387

i386 architecture (Intel ia32)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_i386.deb
    Size/MD5 checksum:   171504 ad6838104a95c3a9f6933cdb072abaee
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_i386.deb
    Size/MD5 checksum:   144334 e65ca2e30180f0ed3d9eadc6cc62216d
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_i386.deb
    Size/MD5 checksum:    53630 68660615bdbb04de7c79c56efcfe4e96

ia64 architecture (Intel ia64)

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_ia64.deb
    Size/MD5 checksum:    64650 96bee27e31af1a635d84c2d8eb6268a8
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_ia64.deb
    Size/MD5 checksum:   214292 38787cea2e2c8ace9abe4dee966a1d73
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_ia64.deb
    Size/MD5 checksum:   264602 49703884c7ae0ffb2690c0750b3f2e4b

m68k architecture (Motorola Mc680x0)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_m68k.deb
    Size/MD5 checksum:   133396 bc072a1e6184f1024c8a7f048c2d78f3
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_m68k.deb
    Size/MD5 checksum:    49158 d30c3aed647407d1a20c523100aeb794
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_m68k.deb
    Size/MD5 checksum:   154468 4efbf0cdb5d9c768368df9b5aad30e87

mips architecture (MIPS (Big Endian))

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_mips.deb
    Size/MD5 checksum:    49168 50fc0d43483c493622e718e5f462042e
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_mips.deb
    Size/MD5 checksum:   147794 12a727e0e4fd36b0382440a8b8319b8d
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_mips.deb
    Size/MD5 checksum:   207000 26a68997f70a36e44be0bf7bc5537c01

mipsel architecture (MIPS (Little Endian))

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_mipsel.deb
    Size/MD5 checksum:   205948 fbc4fb9813fa26baf91691e6cb5ce947
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_mipsel.deb
    Size/MD5 checksum:   148340 41ea1ee7ad054bbbfe1b3fcd96d4e459
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_mipsel.deb
    Size/MD5 checksum:    48892 2a6d1dffa7d83cde39d151490fd046a2

powerpc architecture (PowerPC)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_powerpc.deb
    Size/MD5 checksum:   152040 a6408141be03d8ec6e4049c5d2facf5d
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_powerpc.deb
    Size/MD5 checksum:   200334 a0c24d192aff2888693c177a788ed9db
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_powerpc.deb
    Size/MD5 checksum:    52856 10f1d19d94ba0aa70674e1d6ea811163

s390 architecture (IBM S/390)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_s390.deb
    Size/MD5 checksum:   179304 da7130afa570f1dd64b52679e99f52ec
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_s390.deb
    Size/MD5 checksum:    54932 a92f3cbd2126e32f7544cad05ee8111d
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_s390.deb
    Size/MD5 checksum:   158040 ee5fd3597a990fb4baee99273a49cb9e

sparc architecture (Sun SPARC/UltraSPARC)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.0.2-3sarge1_sparc.deb
    Size/MD5 checksum:   188928 e3ad4dee1d75eee85b75a162b9320181
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.0.2-3sarge1_sparc.deb
    Size/MD5 checksum:   153722 d08b786567066b638ace4bd2a1358635
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.0.2-3sarge1_sparc.deb
    Size/MD5 checksum:    54586 f0465a7a36d61a756af63b8eee712f37

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, 
mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/t/t1lib/t1lib_5.1.0-2etch1.dsc
    Size/MD5 checksum:      712 b7102b98ac02154dd4412e59b944e150
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib_5.1.0-2etch1.diff.gz
    Size/MD5 checksum:    13648 c2969c0da7ce6875925412faf96e60c1
  http://security.debian.org/pool/updates/main/t/t1lib/t1lib_5.1.0.orig.tar.gz
    Size/MD5 checksum:  1838635 a05bed4aa63637052e60690ccde70421

Architecture independent packages:

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-doc_5.1.0-2etch1_all.deb
    Size/MD5 checksum:   608800 ad8fa2fd7fa2fd06f04c3a5351384ea4

alpha architecture (DEC Alpha)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_alpha.deb
    Size/MD5 checksum:   174382 5d37e43a0ce3f9fc88b96e7e9c96480e
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_alpha.deb
    Size/MD5 checksum:    57436 3bbfade6697b24e2e6d0ef3f16b91baa
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_alpha.deb
    Size/MD5 checksum:   254764 1e7a1d7e7e7c2604a5b1f824bed9cc0d

amd64 architecture (AMD x86_64 (AMD64))

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_amd64.deb
    Size/MD5 checksum:   190548 574df64c18a06966c9a61a1b22d45179
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_amd64.deb
    Size/MD5 checksum:   159478 dcc9ddce3a3b95148f806e47bed26430
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_amd64.deb
    Size/MD5 checksum:    58958 2a2582d4888cd50595457fe75d6993d6

arm architecture (ARM)

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_arm.deb
    Size/MD5 checksum:    57332 74e3b323300807d47df32293f2822df7
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_arm.deb
    Size/MD5 checksum:   154304 d9eee39b52ac0fbc7124b7e42336336f
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_arm.deb
    Size/MD5 checksum:   176120 322a0f62bcb958d47e793ca8d02fbd25

hppa architecture (HP PA RISC)

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_hppa.deb
    Size/MD5 checksum:    57860 97d328d50b7466a4c5497e3d2266d668
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_hppa.deb
    Size/MD5 checksum:   214110 6a95db459b4cec9975a5600a3d1a73b3
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_hppa.deb
    Size/MD5 checksum:   168606 a27b5d4295dc13b880af73703d80e97a

i386 architecture (Intel ia32)

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_i386.deb
    Size/MD5 checksum:    53786 09ffdbb73d67dce27e2e6fed44406287
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_i386.deb
    Size/MD5 checksum:   146336 e7069f1db9b00800a6e6d7f6224514de
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_i386.deb
    Size/MD5 checksum:   173816 7f8d112d1f7bf5adbf03c76546ffb73a

ia64 architecture (Intel ia64)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_ia64.deb
    Size/MD5 checksum:   285398 9090d6aff007cf264f6feb2b777a3d94
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_ia64.deb
    Size/MD5 checksum:   230594 14b80f3aac0713ce6d41f61c7156bbea
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_ia64.deb
    Size/MD5 checksum:    68980 77c2c4c457e42e7d78ebef72e50adac9

mips architecture (MIPS (Big Endian))

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_mips.deb
    Size/MD5 checksum:   214042 042b32f4290ba2d4a21eaec381f10786
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_mips.deb
    Size/MD5 checksum:   154464 52b725ac8aa9e784de4439e940474ab0
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_mips.deb
    Size/MD5 checksum:    51780 b7de2c891696a44e1b8833866a061a3b

mipsel architecture (MIPS (Little Endian))

  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_mipsel.deb
    Size/MD5 checksum:    51694 8bf0bb3b0863525c79060be1277d9f45
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_mipsel.deb
    Size/MD5 checksum:   154678 3aa1788adc5e9fc0b7ecee6daa0dfddf
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_mipsel.deb
    Size/MD5 checksum:   212940 c0d6e778f8685d5826e5886518167775

powerpc architecture (PowerPC)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_powerpc.deb
    Size/MD5 checksum:   204994 388d8547673de1e2fdbb7718732a5338
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_powerpc.deb
    Size/MD5 checksum:   155704 32c9638207954d7d2a8e65a1058a7353
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_powerpc.deb
    Size/MD5 checksum:    54924 536812ad1c6f7262284d4bcde11b37be

s390 architecture (IBM S/390)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_s390.deb
    Size/MD5 checksum:   181332 0202609cf9d1fea670118d0eb90c8ca0
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_s390.deb
    Size/MD5 checksum:   161772 ad015ceb7c89d3f0c73aa885c418aaf1
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_s390.deb
    Size/MD5 checksum:    59272 30c65aa40d88c0a102881fdeaadc26cb

sparc architecture (Sun SPARC/UltraSPARC)

  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-dev_5.1.0-2etch1_sparc.deb
    Size/MD5 checksum:   190592 73106752f7218fb6e27314e1b4e51305
  
http://security.debian.org/pool/updates/main/t/t1lib/t1lib-bin_5.1.0-2etch1_sparc.deb
    Size/MD5 checksum:    55328 7701a62f6c01e138b5d90aed4aa13895
  
http://security.debian.org/pool/updates/main/t/t1lib/libt1-5_5.1.0-2etch1_sparc.deb
    Size/MD5 checksum:   152788 7815f95c86042bf0da1ca73e5aaa814d


  These files will probably be moved into the stable distribution on
  its next update.

- 
---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security 
dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHF/UmYrVLjBFATsMRAr63AJ9zGXOVx7OW5S1RBo3O0aJQ3QrFPACgghOl
oRAXdvO6V5Pa5SGUIBZP2M0=
=suvl
-----END PGP SIGNATURE-----