Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[ MDVSA-2011:010 ] xfig
From: security () mandriva com
Date: Sat, 15 Jan 2011 23:41:00 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:010
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : xfig
 Date    : January 15, 2011
 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in xfig:
 
 Stack-based buffer overflow in the read_1_3_textobject function in
 f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject
 function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier,
 allows remote attackers to execute arbitrary code via a long string
 in a malformed .fig file that uses the 1.3 file format.  NOTE:
 some of these details are obtained from third party information
 (CVE-2009-4227).
 
 Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier
 allows remote attackers to cause a denial of service (application
 crash) via a long string in a malformed .fig file that uses the 1.3
 file format, possibly related to the readfp_fig function in f_read.c
 (CVE-2009-4228).
 
 Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote
 attackers to cause a denial of service (crash) and possibly execute
 arbitrary code via a FIG image with a crafted color definition
 (CVE-2010-4262).
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4227
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4228
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4262
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 e39602fc8ee985c8b9a53872593a0f81  2009.0/i586/xfig-3.2.5-4.1mdv2009.0.i586.rpm 
 1939fb7dc9bea4407c6ef8fac24ed8cf  2009.0/SRPMS/xfig-3.2.5-4.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 2d23d023c54c3e97e0785a4c132e6920  2009.0/x86_64/xfig-3.2.5-4.1mdv2009.0.x86_64.rpm 
 1939fb7dc9bea4407c6ef8fac24ed8cf  2009.0/SRPMS/xfig-3.2.5-4.1mdv2009.0.src.rpm

 Mandriva Linux 2010.0:
 fa216772dd4e5cce2646af8e3fdab037  2010.0/i586/xfig-3.2.5b-1.3mdv2010.0.i586.rpm 
 a5d6698dd7015208f7c2bdaa94eaded8  2010.0/SRPMS/xfig-3.2.5b-1.3mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 41a861a853686f15faf79ac78d23f01b  2010.0/x86_64/xfig-3.2.5b-1.3mdv2010.0.x86_64.rpm 
 a5d6698dd7015208f7c2bdaa94eaded8  2010.0/SRPMS/xfig-3.2.5b-1.3mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 6246b2d654ecc3208eb6a1484e656680  2010.1/i586/xfig-3.2.5b-3.1mdv2010.2.i586.rpm 
 1d0ca214e51934ffe9d52e7a4ed9b589  2010.1/SRPMS/xfig-3.2.5b-3.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 e967afae295de665073e0c9ef751e86d  2010.1/x86_64/xfig-3.2.5b-3.1mdv2010.2.x86_64.rpm 
 1d0ca214e51934ffe9d52e7a4ed9b589  2010.1/SRPMS/xfig-3.2.5b-3.1mdv2010.2.src.rpm

 Corporate 4.0:
 66396295f199c85cdba5b7c83efd82c6  corporate/4.0/i586/xfig-3.2.5-0.4.20060mlcs4.i586.rpm 
 047a3ee6ff83f35c6c7a167f442af9b8  corporate/4.0/SRPMS/xfig-3.2.5-0.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 0089a3e8d5436d7ea3a72afad505a39b  corporate/4.0/x86_64/xfig-3.2.5-0.4.20060mlcs4.x86_64.rpm 
 047a3ee6ff83f35c6c7a167f442af9b8  corporate/4.0/SRPMS/xfig-3.2.5-0.4.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNMfMSmqjQ0CJFipgRAuy4AJ9cJPnx510QGOr4rS0WWSd98c105gCgwS0l
51YvC5zhkNyiQiTTb57njsA=
=bct3
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • [ MDVSA-2011:010 ] xfig security (Jan 15)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]