Home page logo
/

bugtraq logo Bugtraq mailing list archives

MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerability
From: Mandrake Linux Security Team <security () linux-mandrake com>
Date: 30 Dec 2004 04:07:13 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           kdegraphics
 Advisory ID:            MDKSA-2004:163
 Date:                   December 29th, 2004

 Affected versions:      10.0, 10.1
 ______________________________________________________________________

 Problem Description:

 iDefense reported a buffer overflow vulnerability, which affects 
 versions of xpdf <= xpdf-3.0 and several programs, like kdegraphics, 
 which use embedded xpdf code. An attacker could construct a malicious 
 payload file which could enable arbitrary code execution on the target 
 system.
 
 The updated packages are patched to protect against these
 vulnerabilities.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 0aad89bf86f8dfdf4f592fc2d308aac8  10.0/RPMS/kdegraphics-3.2-15.4.100mdk.i586.rpm
 bbb9935d9447df8c7082e87511119523  10.0/RPMS/kdegraphics-common-3.2-15.4.100mdk.i586.rpm
 c3f3b8b09a990b1ac2ba16bda0571d18  10.0/RPMS/kdegraphics-kdvi-3.2-15.4.100mdk.i586.rpm
 8b5378a199b09166682badc792cbca28  10.0/RPMS/kdegraphics-kfax-3.2-15.4.100mdk.i586.rpm
 4121a4c606c32a8f29aaeb4057021d7f  10.0/RPMS/kdegraphics-kghostview-3.2-15.4.100mdk.i586.rpm
 03ea5e701c65477e1d384d58f97795b5  10.0/RPMS/kdegraphics-kiconedit-3.2-15.4.100mdk.i586.rpm
 dd9b7c9063ffc535d5bc576fd6ef83d6  10.0/RPMS/kdegraphics-kooka-3.2-15.4.100mdk.i586.rpm
 b018d913cf3b946c797de243f1150236  10.0/RPMS/kdegraphics-kpaint-3.2-15.4.100mdk.i586.rpm
 8bbc3906bf78ce2b825cc537f3810f6f  10.0/RPMS/kdegraphics-kpdf-3.2-15.4.100mdk.i586.rpm
 9ff036ed18246585597a8ad87d5772ea  10.0/RPMS/kdegraphics-kpovmodeler-3.2-15.4.100mdk.i586.rpm
 72b3612f468818d929d0f434539c50ce  10.0/RPMS/kdegraphics-kruler-3.2-15.4.100mdk.i586.rpm
 2bec9be5d3392ffd9e67fd661ada9bfe  10.0/RPMS/kdegraphics-ksnapshot-3.2-15.4.100mdk.i586.rpm
 908123c8dbc97b92ab45697c761d9c83  10.0/RPMS/kdegraphics-ksvg-3.2-15.4.100mdk.i586.rpm
 5b771cd88108ddc283e9b787027e53cc  10.0/RPMS/kdegraphics-kuickshow-3.2-15.4.100mdk.i586.rpm
 6a67b4149988a5f5520eae6725a6dcac  10.0/RPMS/kdegraphics-kview-3.2-15.4.100mdk.i586.rpm
 0ab79fa93e966dcadb7b93cb9c0aa6c8  10.0/RPMS/kdegraphics-mrmlsearch-3.2-15.4.100mdk.i586.rpm
 69476213a75b8053c1a0790ab45cf1c6  10.0/RPMS/libkdegraphics0-common-3.2-15.4.100mdk.i586.rpm
 afe63bccd4c0816f3c2f850d3bc3f1b2  10.0/RPMS/libkdegraphics0-common-devel-3.2-15.4.100mdk.i586.rpm
 f678e114d508c74021b37b806ed84cb4  10.0/RPMS/libkdegraphics0-kooka-3.2-15.4.100mdk.i586.rpm
 5678a356a7b7a91e08d7d43cae6bb6ab  10.0/RPMS/libkdegraphics0-kooka-devel-3.2-15.4.100mdk.i586.rpm
 ae2a40c37f0f6c89a645cac10c94d6d4  10.0/RPMS/libkdegraphics0-kpovmodeler-3.2-15.4.100mdk.i586.rpm
 feedcaae1fdeea49a48fb9a7d4f412af  10.0/RPMS/libkdegraphics0-kpovmodeler-devel-3.2-15.4.100mdk.i586.rpm
 124b7d0d062fdf43c64b2ac731172826  10.0/RPMS/libkdegraphics0-ksvg-3.2-15.4.100mdk.i586.rpm
 e442bf1e01e15842588ebe4f9a227165  10.0/RPMS/libkdegraphics0-ksvg-devel-3.2-15.4.100mdk.i586.rpm
 08dba17ab01142fa8888d39bc3fff0de  10.0/RPMS/libkdegraphics0-kuickshow-3.2-15.4.100mdk.i586.rpm
 36d660432e72556efd180f9c74dd1037  10.0/RPMS/libkdegraphics0-kview-3.2-15.4.100mdk.i586.rpm
 eaea596eee68523f50c85866f71a5759  10.0/RPMS/libkdegraphics0-kview-devel-3.2-15.4.100mdk.i586.rpm
 8dbdcff22cb17bffff40726dca4e2cb1  10.0/RPMS/libkdegraphics0-mrmlsearch-3.2-15.4.100mdk.i586.rpm
 55f21b87afc2bd13a5e60b92a0c9a9ef  10.0/SRPMS/kdegraphics-3.2-15.4.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 46cf7ad2347ec289f6be4bcd1873de30  amd64/10.0/RPMS/kdegraphics-3.2-15.4.100mdk.amd64.rpm
 9690aa586d3195e1b44467544fe18e10  amd64/10.0/RPMS/kdegraphics-common-3.2-15.4.100mdk.amd64.rpm
 f531661964732da3d701c7133c9e78d1  amd64/10.0/RPMS/kdegraphics-kdvi-3.2-15.4.100mdk.amd64.rpm
 87cc12d85ed28cc74e84b423563d49d3  amd64/10.0/RPMS/kdegraphics-kfax-3.2-15.4.100mdk.amd64.rpm
 262aab890ab13afa83cf88b1b4fadf0e  amd64/10.0/RPMS/kdegraphics-kghostview-3.2-15.4.100mdk.amd64.rpm
 04f0232d719126f37d7b594e4cbbf49b  amd64/10.0/RPMS/kdegraphics-kiconedit-3.2-15.4.100mdk.amd64.rpm
 dcb4a913b5d207f1ad38108c611b97a5  amd64/10.0/RPMS/kdegraphics-kooka-3.2-15.4.100mdk.amd64.rpm
 ee6eed8cef2657150fc4c28bb0c59c02  amd64/10.0/RPMS/kdegraphics-kpaint-3.2-15.4.100mdk.amd64.rpm
 cbda373944ce46d04aacfeffface23a1  amd64/10.0/RPMS/kdegraphics-kpdf-3.2-15.4.100mdk.amd64.rpm
 2d103c058606413f268503eba9090505  amd64/10.0/RPMS/kdegraphics-kpovmodeler-3.2-15.4.100mdk.amd64.rpm
 3aec6c11e63ebfda8e5d441cd788f31d  amd64/10.0/RPMS/kdegraphics-kruler-3.2-15.4.100mdk.amd64.rpm
 eaccea9be5fe63e40ca98637f8ce8f41  amd64/10.0/RPMS/kdegraphics-ksnapshot-3.2-15.4.100mdk.amd64.rpm
 e52b40b1a039445985f7f90ca5e989d3  amd64/10.0/RPMS/kdegraphics-ksvg-3.2-15.4.100mdk.amd64.rpm
 9f14c53b3a5503d33da782fa57aec72b  amd64/10.0/RPMS/kdegraphics-kuickshow-3.2-15.4.100mdk.amd64.rpm
 7cd039156540e509192fde5b8ff24446  amd64/10.0/RPMS/kdegraphics-kview-3.2-15.4.100mdk.amd64.rpm
 64a513f11ca91390f3320538a7de3d61  amd64/10.0/RPMS/kdegraphics-mrmlsearch-3.2-15.4.100mdk.amd64.rpm
 4cb28efb25db0f84f292eb4ef1c410e3  amd64/10.0/RPMS/lib64kdegraphics0-common-3.2-15.4.100mdk.amd64.rpm
 797f897b16f720b3f2cb15bc824fa80a  amd64/10.0/RPMS/lib64kdegraphics0-common-devel-3.2-15.4.100mdk.amd64.rpm
 889e098ce59a0a742d2d13a6d2ac4bfe  amd64/10.0/RPMS/lib64kdegraphics0-kooka-3.2-15.4.100mdk.amd64.rpm
 adc6f9258ad1c59760190d2c73027b6a  amd64/10.0/RPMS/lib64kdegraphics0-kooka-devel-3.2-15.4.100mdk.amd64.rpm
 9dcb3d7bda68765ac77e54d10806927d  amd64/10.0/RPMS/lib64kdegraphics0-kpovmodeler-3.2-15.4.100mdk.amd64.rpm
 1113c287ce9c7b970542d2d9a9f4c1b8  amd64/10.0/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2-15.4.100mdk.amd64.rpm
 5751d60e9f603d998a9d8ae43c3443c4  amd64/10.0/RPMS/lib64kdegraphics0-ksvg-3.2-15.4.100mdk.amd64.rpm
 e3c533d6a334e6b3c53713f993b2f9c8  amd64/10.0/RPMS/lib64kdegraphics0-ksvg-devel-3.2-15.4.100mdk.amd64.rpm
 2a38d33e84caba1a1124375c38d0333f  amd64/10.0/RPMS/lib64kdegraphics0-kuickshow-3.2-15.4.100mdk.amd64.rpm
 842edf5459022eabd8705e20ba250c7e  amd64/10.0/RPMS/lib64kdegraphics0-kview-3.2-15.4.100mdk.amd64.rpm
 2e0e0ae7cf55bfda6ac011464fcf061a  amd64/10.0/RPMS/lib64kdegraphics0-kview-devel-3.2-15.4.100mdk.amd64.rpm
 e4423df120ba5c7b54a1164c258adf7b  amd64/10.0/RPMS/lib64kdegraphics0-mrmlsearch-3.2-15.4.100mdk.amd64.rpm
 55f21b87afc2bd13a5e60b92a0c9a9ef  amd64/10.0/SRPMS/kdegraphics-3.2-15.4.100mdk.src.rpm

 Mandrakelinux 10.1:
 e0b0a59f3be13b77dec7996660a4da62  10.1/RPMS/kdegraphics-3.2.3-17.3.101mdk.i586.rpm
 848fb4265e132da03bcd5684c9cea340  10.1/RPMS/kdegraphics-common-3.2.3-17.3.101mdk.i586.rpm
 baa15d882d8107515533ad30c9bfead3  10.1/RPMS/kdegraphics-kdvi-3.2.3-17.3.101mdk.i586.rpm
 432227da2c64b07d38d41ca256e6de45  10.1/RPMS/kdegraphics-kfax-3.2.3-17.3.101mdk.i586.rpm
 7ee9b04be951c01d7c004433fad71e52  10.1/RPMS/kdegraphics-kghostview-3.2.3-17.3.101mdk.i586.rpm
 14425a834514f1efddb97291e130061f  10.1/RPMS/kdegraphics-kiconedit-3.2.3-17.3.101mdk.i586.rpm
 7927a407d682b0168b72698d46b4bb32  10.1/RPMS/kdegraphics-kooka-3.2.3-17.3.101mdk.i586.rpm
 5d0a4dd77aa5de67e3e3eb1a367228ed  10.1/RPMS/kdegraphics-kpaint-3.2.3-17.3.101mdk.i586.rpm
 34f20515023d8c7f878d3af74b812c53  10.1/RPMS/kdegraphics-kpdf-3.2.3-17.3.101mdk.i586.rpm
 f4bb57fbaac46238a91f28158469f300  10.1/RPMS/kdegraphics-kpovmodeler-3.2.3-17.3.101mdk.i586.rpm
 542f93d2f7ca7107d3e34545b09475a7  10.1/RPMS/kdegraphics-kruler-3.2.3-17.3.101mdk.i586.rpm
 34abe3b7fdc9c58f86cf0748b50fc4f7  10.1/RPMS/kdegraphics-ksnapshot-3.2.3-17.3.101mdk.i586.rpm
 e409d2762a35ffd3bec9c1ba33f3ba03  10.1/RPMS/kdegraphics-ksvg-3.2.3-17.3.101mdk.i586.rpm
 dadb85c02ea39941a5f224958f9d3c4a  10.1/RPMS/kdegraphics-kuickshow-3.2.3-17.3.101mdk.i586.rpm
 19d2b14528fce5038f04599489842674  10.1/RPMS/kdegraphics-kview-3.2.3-17.3.101mdk.i586.rpm
 82ca8b05c52a9b4060a381b6aa14ae1d  10.1/RPMS/kdegraphics-mrmlsearch-3.2.3-17.3.101mdk.i586.rpm
 ce67842705750f0247ef147881029318  10.1/RPMS/libkdegraphics0-common-3.2.3-17.3.101mdk.i586.rpm
 1026febcd365965293590345ab6c12d7  10.1/RPMS/libkdegraphics0-common-devel-3.2.3-17.3.101mdk.i586.rpm
 b2b23f6cf09d1ff555ef5d6529b861be  10.1/RPMS/libkdegraphics0-kghostview-3.2.3-17.3.101mdk.i586.rpm
 3c6ac99bcef5b324c7c9dc13e97519e0  10.1/RPMS/libkdegraphics0-kghostview-devel-3.2.3-17.3.101mdk.i586.rpm
 2d6587a1c7f7e25de09ab4d741b621b7  10.1/RPMS/libkdegraphics0-kooka-3.2.3-17.3.101mdk.i586.rpm
 b0110e51758f94055b57be38589ce8f1  10.1/RPMS/libkdegraphics0-kooka-devel-3.2.3-17.3.101mdk.i586.rpm
 cc2d2f3d0bb01e3eadc42dc4d2a93ea0  10.1/RPMS/libkdegraphics0-kpovmodeler-3.2.3-17.3.101mdk.i586.rpm
 1225be3299bc3e15d750f772d50b96c9  10.1/RPMS/libkdegraphics0-kpovmodeler-devel-3.2.3-17.3.101mdk.i586.rpm
 08d5239833e14ba58300bbb90a69ec13  10.1/RPMS/libkdegraphics0-ksvg-3.2.3-17.3.101mdk.i586.rpm
 10c62852a00b41cd24c7b43527f9d97e  10.1/RPMS/libkdegraphics0-ksvg-devel-3.2.3-17.3.101mdk.i586.rpm
 e08c0dc6dee09420681b9688fa148193  10.1/RPMS/libkdegraphics0-kuickshow-3.2.3-17.3.101mdk.i586.rpm
 6fecb534f5c6375690e6974226748644  10.1/RPMS/libkdegraphics0-kview-3.2.3-17.3.101mdk.i586.rpm
 296f77c07bb62bedb2d7f0c3b81a9b1b  10.1/RPMS/libkdegraphics0-kview-devel-3.2.3-17.3.101mdk.i586.rpm
 b4731ecd0a0248f70f34eb658abaf990  10.1/RPMS/libkdegraphics0-mrmlsearch-3.2.3-17.3.101mdk.i586.rpm
 2d14e08579fba06f4e1f798d8a592835  10.1/SRPMS/kdegraphics-3.2.3-17.3.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 472f043a85e0d97e2ef5f8e6efd94c15  x86_64/10.1/RPMS/kdegraphics-3.2.3-17.3.101mdk.x86_64.rpm
 948bd4271e4b4e7310c2078812a93eb1  x86_64/10.1/RPMS/kdegraphics-common-3.2.3-17.3.101mdk.x86_64.rpm
 f11c6fda9045378c23091292bb5f4759  x86_64/10.1/RPMS/kdegraphics-kdvi-3.2.3-17.3.101mdk.x86_64.rpm
 8751f28da28990b4e6977abfb82a3dff  x86_64/10.1/RPMS/kdegraphics-kfax-3.2.3-17.3.101mdk.x86_64.rpm
 3a27f3445d04855beacbb064fc2f0d88  x86_64/10.1/RPMS/kdegraphics-kghostview-3.2.3-17.3.101mdk.x86_64.rpm
 de494572c150d5d113352200d6d16377  x86_64/10.1/RPMS/kdegraphics-kiconedit-3.2.3-17.3.101mdk.x86_64.rpm
 4f1ce214f8f7e338a71c8c37f45b6543  x86_64/10.1/RPMS/kdegraphics-kooka-3.2.3-17.3.101mdk.x86_64.rpm
 51734f7961c9d9b64213c7b1998ecc24  x86_64/10.1/RPMS/kdegraphics-kpaint-3.2.3-17.3.101mdk.x86_64.rpm
 8396d971efd5c655a995ffbb5c9b0de0  x86_64/10.1/RPMS/kdegraphics-kpdf-3.2.3-17.3.101mdk.x86_64.rpm
 1d1db15696ba27a0bd803363320ae72e  x86_64/10.1/RPMS/kdegraphics-kpovmodeler-3.2.3-17.3.101mdk.x86_64.rpm
 b6683ac3b7e060bf5bb7598434327046  x86_64/10.1/RPMS/kdegraphics-kruler-3.2.3-17.3.101mdk.x86_64.rpm
 b44046d96524f1db363c91ac82483ebd  x86_64/10.1/RPMS/kdegraphics-ksnapshot-3.2.3-17.3.101mdk.x86_64.rpm
 2578944c6bdba791c586f2b71e9019de  x86_64/10.1/RPMS/kdegraphics-ksvg-3.2.3-17.3.101mdk.x86_64.rpm
 8551f1c78adfcc2dd02b5974042944e7  x86_64/10.1/RPMS/kdegraphics-kuickshow-3.2.3-17.3.101mdk.x86_64.rpm
 f072ca029bd6169d4e113cb002e07866  x86_64/10.1/RPMS/kdegraphics-kview-3.2.3-17.3.101mdk.x86_64.rpm
 ffc6cf77cde5af32fa19c35346698975  x86_64/10.1/RPMS/kdegraphics-mrmlsearch-3.2.3-17.3.101mdk.x86_64.rpm
 297c177a5f06315c89b170e32c0a4756  x86_64/10.1/RPMS/lib64kdegraphics0-common-3.2.3-17.3.101mdk.x86_64.rpm
 74711174aa6a6394afb937ffa2bfea26  x86_64/10.1/RPMS/lib64kdegraphics0-common-devel-3.2.3-17.3.101mdk.x86_64.rpm
 cb922e30d42d8830ed0b17578fcdfe21  x86_64/10.1/RPMS/lib64kdegraphics0-kghostview-3.2.3-17.3.101mdk.x86_64.rpm
 50540cc06b3671fe227b45693bfa41a2  x86_64/10.1/RPMS/lib64kdegraphics0-kghostview-devel-3.2.3-17.3.101mdk.x86_64.rpm
 5868302a43f84f3e0bdab254784d4cfc  x86_64/10.1/RPMS/lib64kdegraphics0-kooka-3.2.3-17.3.101mdk.x86_64.rpm
 859e9345d0304d4bb221d2baaa0a04c4  x86_64/10.1/RPMS/lib64kdegraphics0-kooka-devel-3.2.3-17.3.101mdk.x86_64.rpm
 be02c99db175a00bd56159ee1949101b  x86_64/10.1/RPMS/lib64kdegraphics0-kpovmodeler-3.2.3-17.3.101mdk.x86_64.rpm
 3f364d42dd1f856e6c38ed6b1eaa8755  x86_64/10.1/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2.3-17.3.101mdk.x86_64.rpm
 c0a10f380cfe893bcd1ff20d1788ab9d  x86_64/10.1/RPMS/lib64kdegraphics0-ksvg-3.2.3-17.3.101mdk.x86_64.rpm
 7d25f9c951272b659fe8a451c7fbf9b1  x86_64/10.1/RPMS/lib64kdegraphics0-ksvg-devel-3.2.3-17.3.101mdk.x86_64.rpm
 ed24ece97a7a4ad153100edc6e539ae5  x86_64/10.1/RPMS/lib64kdegraphics0-kuickshow-3.2.3-17.3.101mdk.x86_64.rpm
 e479d492fbebb755935ed11523c84172  x86_64/10.1/RPMS/lib64kdegraphics0-kview-3.2.3-17.3.101mdk.x86_64.rpm
 d28168f80bcad304006facd761e1ffa8  x86_64/10.1/RPMS/lib64kdegraphics0-kview-devel-3.2.3-17.3.101mdk.x86_64.rpm
 ea88ba003e1b47966222f7c731fe1a0e  x86_64/10.1/RPMS/lib64kdegraphics0-mrmlsearch-3.2.3-17.3.101mdk.x86_64.rpm
 2d14e08579fba06f4e1f798d8a592835  x86_64/10.1/SRPMS/kdegraphics-3.2.3-17.3.101mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFB037xmqjQ0CJFipgRAqTaAJ9abOmAqVfboaVevHVaCs3jUWWutACg2THt
ccQVBfyU8fRuDGQvsKjLHRk=
=xCKl
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]