Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[ MDVSA-2011:016 ] t1lib
From: security () mandriva com
Date: Fri, 21 Jan 2011 17:12:00 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:016
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : t1lib
 Date    : January 21, 2011
 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 It was discovered that t1lib suffered from the same vulnerability as
 previousely addressed in Evince with MDVSA-2011:005 (CVE-2010-2642). As
 a precaution t1lib has been patched to address this flaw.
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 599f783a0eb68c6ee4df2b55fd4b9f7a  2009.0/i586/libt1lib5-5.1.2-4.1mdv2009.0.i586.rpm
 93faa44fb6e5451b26b06cf8266b2bda  2009.0/i586/libt1lib-devel-5.1.2-4.1mdv2009.0.i586.rpm
 10055f8139aa5323998a5827b694b2d7  2009.0/i586/libt1lib-static-devel-5.1.2-4.1mdv2009.0.i586.rpm
 6f299e29dd23f5d6e77d9b99ede98942  2009.0/i586/t1lib-config-5.1.2-4.1mdv2009.0.i586.rpm
 a56fbccbcc28ba1dfb17081922779ad1  2009.0/i586/t1lib-progs-5.1.2-4.1mdv2009.0.i586.rpm 
 c7ec8ded98a8116e3415671c9eb637ad  2009.0/SRPMS/t1lib-5.1.2-4.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 59b16d03c66d1fedb111c9eaf998ef56  2009.0/x86_64/lib64t1lib5-5.1.2-4.1mdv2009.0.x86_64.rpm
 afcfc7c1f1d5b8844ddd7190a1fcb1e8  2009.0/x86_64/lib64t1lib-devel-5.1.2-4.1mdv2009.0.x86_64.rpm
 e526862e479b174d71016301e4ce3fc0  2009.0/x86_64/lib64t1lib-static-devel-5.1.2-4.1mdv2009.0.x86_64.rpm
 32e982c2d44afb35aaa2d9e3caa2b3be  2009.0/x86_64/t1lib-config-5.1.2-4.1mdv2009.0.x86_64.rpm
 07b649d8dc61d692f1716d72a07da71e  2009.0/x86_64/t1lib-progs-5.1.2-4.1mdv2009.0.x86_64.rpm 
 c7ec8ded98a8116e3415671c9eb637ad  2009.0/SRPMS/t1lib-5.1.2-4.1mdv2009.0.src.rpm

 Mandriva Linux 2010.0:
 310ee7d65a7f634e87222bd780915644  2010.0/i586/libt1lib5-5.1.2-7.1mdv2010.0.i586.rpm
 cbe429ffc363b10d0fffbefb3a33bac0  2010.0/i586/libt1lib-devel-5.1.2-7.1mdv2010.0.i586.rpm
 0f02f514f59824332aa6e0665204e7da  2010.0/i586/libt1lib-static-devel-5.1.2-7.1mdv2010.0.i586.rpm
 4252c52406dbc2051a31adeb5e6f5e50  2010.0/i586/t1lib-config-5.1.2-7.1mdv2010.0.i586.rpm
 22f75861e3c41ff701c503c6014fd83e  2010.0/i586/t1lib-progs-5.1.2-7.1mdv2010.0.i586.rpm 
 b5d4e91778fc56d97e27e39d47f755e3  2010.0/SRPMS/t1lib-5.1.2-7.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 2dd5b2f8aa27ecc59deebfa085839db1  2010.0/x86_64/lib64t1lib5-5.1.2-7.1mdv2010.0.x86_64.rpm
 992e43be6aaa8f5d287ba329d1d37307  2010.0/x86_64/lib64t1lib-devel-5.1.2-7.1mdv2010.0.x86_64.rpm
 877785d712b325c487266876aaa783d6  2010.0/x86_64/lib64t1lib-static-devel-5.1.2-7.1mdv2010.0.x86_64.rpm
 24018e3a1b1a9cf281343dbe4bdb8d89  2010.0/x86_64/t1lib-config-5.1.2-7.1mdv2010.0.x86_64.rpm
 3fca959f045cc1f452f603dac0284f59  2010.0/x86_64/t1lib-progs-5.1.2-7.1mdv2010.0.x86_64.rpm 
 b5d4e91778fc56d97e27e39d47f755e3  2010.0/SRPMS/t1lib-5.1.2-7.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 c696d917eb2a4be454a27c70f598e3b3  2010.1/i586/libt1lib5-5.1.2-8.1mdv2010.2.i586.rpm
 da4a03bea147aac19ae8d8a1bf5cdd6e  2010.1/i586/libt1lib-devel-5.1.2-8.1mdv2010.2.i586.rpm
 b9290b2bea03423459fc77e3e4893676  2010.1/i586/libt1lib-static-devel-5.1.2-8.1mdv2010.2.i586.rpm
 57ccda81a0a3ef35f8326e6db90a7164  2010.1/i586/t1lib-config-5.1.2-8.1mdv2010.2.i586.rpm
 e5fb29d4f198656a97c0b7aad2c17f00  2010.1/i586/t1lib-progs-5.1.2-8.1mdv2010.2.i586.rpm 
 ff89cfdbcc43583b8b4cebd60ecbcf3c  2010.1/SRPMS/t1lib-5.1.2-8.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 ff59dd6e16a77d55f32c579c1cbbb359  2010.1/x86_64/lib64t1lib5-5.1.2-8.1mdv2010.2.x86_64.rpm
 326d6b627607199d1ed2b777791337b0  2010.1/x86_64/lib64t1lib-devel-5.1.2-8.1mdv2010.2.x86_64.rpm
 c0070fd18a3952b478b5e09d87c4f4a3  2010.1/x86_64/lib64t1lib-static-devel-5.1.2-8.1mdv2010.2.x86_64.rpm
 0456d64f5393c75d128a1395ca1e9690  2010.1/x86_64/t1lib-config-5.1.2-8.1mdv2010.2.x86_64.rpm
 cd7f49fc46abbb60adcce436d56f61d5  2010.1/x86_64/t1lib-progs-5.1.2-8.1mdv2010.2.x86_64.rpm 
 ff89cfdbcc43583b8b4cebd60ecbcf3c  2010.1/SRPMS/t1lib-5.1.2-8.1mdv2010.2.src.rpm

 Corporate 4.0:
 6a10f64eaea14c2a1819bee558a60692  corporate/4.0/i586/libt1lib5-5.1.0-1.2.20060mlcs4.i586.rpm
 ac13127bdfa766289c2bcacfb59c9dc8  corporate/4.0/i586/libt1lib5-devel-5.1.0-1.2.20060mlcs4.i586.rpm
 a4326eac69f1aea59bf4ba90b3f2beaf  corporate/4.0/i586/libt1lib5-static-devel-5.1.0-1.2.20060mlcs4.i586.rpm
 93368d9f3679037c313f3b7cb87879f9  corporate/4.0/i586/t1lib-config-5.1.0-1.2.20060mlcs4.i586.rpm
 17f413268c5603bc59c06aa14f10c630  corporate/4.0/i586/t1lib-progs-5.1.0-1.2.20060mlcs4.i586.rpm 
 632a92b73f526d4e489649878637b52a  corporate/4.0/SRPMS/t1lib-5.1.0-1.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 ac41414be04a827740e92cf088ec76af  corporate/4.0/x86_64/lib64t1lib5-5.1.0-1.2.20060mlcs4.x86_64.rpm
 028849ff6151626dbdc1a66faa4e6398  corporate/4.0/x86_64/lib64t1lib5-devel-5.1.0-1.2.20060mlcs4.x86_64.rpm
 8d361af76b0cc51a020a07c0a07275f9  corporate/4.0/x86_64/lib64t1lib5-static-devel-5.1.0-1.2.20060mlcs4.x86_64.rpm
 af1d3a27219d99c99a059046538b495b  corporate/4.0/x86_64/t1lib-config-5.1.0-1.2.20060mlcs4.x86_64.rpm
 0f88c1f82c0aeb8fe2c923f99b2aa631  corporate/4.0/x86_64/t1lib-progs-5.1.0-1.2.20060mlcs4.x86_64.rpm 
 632a92b73f526d4e489649878637b52a  corporate/4.0/SRPMS/t1lib-5.1.0-1.2.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 5792d67c70cb189421fabf15db01a487  mes5/i586/libt1lib5-5.1.2-4.1mdvmes5.1.i586.rpm
 37dd107b006b3c1606c5e217a204a222  mes5/i586/libt1lib-devel-5.1.2-4.1mdvmes5.1.i586.rpm
 df0376ecd2890dc805a8770a0e1226c5  mes5/i586/libt1lib-static-devel-5.1.2-4.1mdvmes5.1.i586.rpm
 df13d1c8d4efbab824e2d479090025d7  mes5/i586/t1lib-config-5.1.2-4.1mdvmes5.1.i586.rpm
 ed682fa1868be45bc7dc01233d1516b5  mes5/i586/t1lib-progs-5.1.2-4.1mdvmes5.1.i586.rpm 
 1cb11ed251082b9a682015897bf02da7  mes5/SRPMS/t1lib-5.1.2-4.1mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 82188362954955216dbee7d4ef833d5e  mes5/x86_64/lib64t1lib5-5.1.2-4.1mdvmes5.1.x86_64.rpm
 3b91c137bedefe1e91dee24086e99f08  mes5/x86_64/lib64t1lib-devel-5.1.2-4.1mdvmes5.1.x86_64.rpm
 2da40b9cd2d63e9fa2f5129401649886  mes5/x86_64/lib64t1lib-static-devel-5.1.2-4.1mdvmes5.1.x86_64.rpm
 47a5419367768a2c02bb19c7b1f4d409  mes5/x86_64/t1lib-config-5.1.2-4.1mdvmes5.1.x86_64.rpm
 ace11c96025b1d021d7df91959016885  mes5/x86_64/t1lib-progs-5.1.2-4.1mdvmes5.1.x86_64.rpm 
 1cb11ed251082b9a682015897bf02da7  mes5/SRPMS/t1lib-5.1.2-4.1mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNOX/AmqjQ0CJFipgRAr7qAJ4pu1ydJ+n75VjQcxncqlnWuRToLACfVKEx
uK1FcFu8qb2ncTkzdYh+O6M=
=fc9e
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • [ MDVSA-2011:016 ] t1lib security (Jan 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]