MDKSA-2005:044 - Updated tetex packages fix vulnerabilities on 64 bit platforms

From: Mandrakelinux Security Team (security_at_linux-mandrake.com)
Date: 02/18/05

  • Next message: newbug Tseng: "Re: AWStats <= 6.4 Multiple vulnerabilities - can't reproduce in 6.3?"
    To: bugtraq@securityfocus.com
    Date: Thu, 17 Feb 2005 20:01:19 -0700
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

     _______________________________________________________________________

                     Mandrakelinux Security Update Advisory
     _______________________________________________________________________

     Package name: tetex
     Advisory ID: MDKSA-2005:044
     Date: February 17th, 2005

     Affected versions: 10.0, 10.1, Corporate 3.0
     ______________________________________________________________________

     Problem Description:

     Previous updates to correct integer overflow issues affecting xpdf
     overlooked certain conditions when built for a 64 bit platform.
     (formerly CAN-2004-0888). This also affects applications like tetex,
     that use embedded versions of xpdf.
     
     The updated packages are patched to deal with these issues.
     _______________________________________________________________________

     References:

      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206
     ______________________________________________________________________

     Updated Packages:
      
     Mandrakelinux 10.0/AMD64:
     7904e61de2adfb46c0514694665d7520 amd64/10.0/RPMS/jadetex-3.12-93.3.100mdk.amd64.rpm
     b77419e254a189a998bc4af1bb4bcc41 amd64/10.0/RPMS/tetex-2.0.2-14.3.100mdk.amd64.rpm
     15340e9b5ce0fc9acd6a918014d7d983 amd64/10.0/RPMS/tetex-afm-2.0.2-14.3.100mdk.amd64.rpm
     6f559cd5ce0fadd8d9ea197d3865def9 amd64/10.0/RPMS/tetex-context-2.0.2-14.3.100mdk.amd64.rpm
     badfbeb12ae0ee66d3880d6bad3f3ac8 amd64/10.0/RPMS/tetex-devel-2.0.2-14.3.100mdk.amd64.rpm
     a73fff7110e04210b5d1497bbb67190c amd64/10.0/RPMS/tetex-doc-2.0.2-14.3.100mdk.amd64.rpm
     23fe63b3cd2f1e407dd39fe200c6177c amd64/10.0/RPMS/tetex-dvilj-2.0.2-14.3.100mdk.amd64.rpm
     6db7086515806d3c5ab1992f6c3d46d8 amd64/10.0/RPMS/tetex-dvipdfm-2.0.2-14.3.100mdk.amd64.rpm
     a9ed5f29318bef12a6a2b5584e42c2b3 amd64/10.0/RPMS/tetex-dvips-2.0.2-14.3.100mdk.amd64.rpm
     0a1cc940d7e04ec64bacd0cea638c2d8 amd64/10.0/RPMS/tetex-latex-2.0.2-14.3.100mdk.amd64.rpm
     c5ab2762088c1bf423268331655ad1d5 amd64/10.0/RPMS/tetex-mfwin-2.0.2-14.3.100mdk.amd64.rpm
     20510f5e4bdf59e2774e83e2fdac9435 amd64/10.0/RPMS/tetex-texi2html-2.0.2-14.3.100mdk.amd64.rpm
     48c61b9ca9739f8d6b41af2410989b3f amd64/10.0/RPMS/tetex-xdvi-2.0.2-14.3.100mdk.amd64.rpm
     68a6f4c328a7f5af293f57a6dffa4d05 amd64/10.0/RPMS/xmltex-1.9-41.3.100mdk.amd64.rpm
     2c4377cb66660ff7dff819e710dd8a89 amd64/10.0/SRPMS/tetex-2.0.2-14.3.100mdk.src.rpm

     Mandrakelinux 10.1/X86_64:
     b07c920a82350d42755aad9a113b7969 x86_64/10.1/RPMS/jadetex-3.12-98.3.101mdk.x86_64.rpm
     0a1534342231f820d293a090ab3f92ad x86_64/10.1/RPMS/tetex-2.0.2-19.3.101mdk.x86_64.rpm
     a02ef1ee5e0a6b4401e59e8f8dfd5b6f x86_64/10.1/RPMS/tetex-afm-2.0.2-19.3.101mdk.x86_64.rpm
     147a4d6a42dddcd1cc1dd48c901daa12 x86_64/10.1/RPMS/tetex-context-2.0.2-19.3.101mdk.x86_64.rpm
     5fba6fac6aca4edae230a233fa4bd620 x86_64/10.1/RPMS/tetex-devel-2.0.2-19.3.101mdk.x86_64.rpm
     acdafd26562f0f3e000ec5ba9957c267 x86_64/10.1/RPMS/tetex-doc-2.0.2-19.3.101mdk.x86_64.rpm
     74a918434e40337a25b56c8825621e4f x86_64/10.1/RPMS/tetex-dvilj-2.0.2-19.3.101mdk.x86_64.rpm
     e7364fd1c6319a8a893ae955815809d0 x86_64/10.1/RPMS/tetex-dvipdfm-2.0.2-19.3.101mdk.x86_64.rpm
     ba0504ad78c3993ca869a5817fd14a64 x86_64/10.1/RPMS/tetex-dvips-2.0.2-19.3.101mdk.x86_64.rpm
     9df18edbde9939e5a08753f9ddd03ff5 x86_64/10.1/RPMS/tetex-latex-2.0.2-19.3.101mdk.x86_64.rpm
     f853e04a96be68603b0e9de0fcdc467e x86_64/10.1/RPMS/tetex-mfwin-2.0.2-19.3.101mdk.x86_64.rpm
     528d7e6dc5b04bb8199f06e2a66d26f1 x86_64/10.1/RPMS/tetex-texi2html-2.0.2-19.3.101mdk.x86_64.rpm
     c1cdcd4d8f75cf56420810b19096f170 x86_64/10.1/RPMS/tetex-xdvi-2.0.2-19.3.101mdk.x86_64.rpm
     3c97fd419cd300507e4966f125ad40f2 x86_64/10.1/RPMS/xmltex-1.9-46.3.101mdk.x86_64.rpm
     c995a628710c48cef314240d77b3b730 x86_64/10.1/SRPMS/tetex-2.0.2-19.3.101mdk.src.rpm

     Corporate 3.0/X86_64:
     1b326633a0e3185b752b8327d207cb0c x86_64/corporate/3.0/RPMS/jadetex-3.12-93.3.C30mdk.x86_64.rpm
     242f4b039dfd35eb30ab9cc847b19cda x86_64/corporate/3.0/RPMS/tetex-2.0.2-14.3.C30mdk.x86_64.rpm
     c9301ce4391d97800a76977e22a46026 x86_64/corporate/3.0/RPMS/tetex-afm-2.0.2-14.3.C30mdk.x86_64.rpm
     42ee4dd0ae86099d70f6601840ede0b5 x86_64/corporate/3.0/RPMS/tetex-context-2.0.2-14.3.C30mdk.x86_64.rpm
     7ef157d37e1310690e6248a9063a1214 x86_64/corporate/3.0/RPMS/tetex-devel-2.0.2-14.3.C30mdk.x86_64.rpm
     d81b13fbe15b08c8d413cedc521da6fd x86_64/corporate/3.0/RPMS/tetex-doc-2.0.2-14.3.C30mdk.x86_64.rpm
     5e7d13863a5fe4492983e57b60139f98 x86_64/corporate/3.0/RPMS/tetex-dvilj-2.0.2-14.3.C30mdk.x86_64.rpm
     0c0cb885351fa4489970cbb2c487de95 x86_64/corporate/3.0/RPMS/tetex-dvipdfm-2.0.2-14.3.C30mdk.x86_64.rpm
     67dd8bed1b557479cdc8d3c6be86027a x86_64/corporate/3.0/RPMS/tetex-dvips-2.0.2-14.3.C30mdk.x86_64.rpm
     eacce2587b7dafc0b15f3ff291c2ce3c x86_64/corporate/3.0/RPMS/tetex-latex-2.0.2-14.3.C30mdk.x86_64.rpm
     40bad1da0c94de878127a32e32bfc8d1 x86_64/corporate/3.0/RPMS/tetex-mfwin-2.0.2-14.3.C30mdk.x86_64.rpm
     68016ddd82ef662b8024fc705c79d7c2 x86_64/corporate/3.0/RPMS/tetex-texi2html-2.0.2-14.3.C30mdk.x86_64.rpm
     f1d8401b93dfdd0768632bdae0cd12b9 x86_64/corporate/3.0/RPMS/tetex-xdvi-2.0.2-14.3.C30mdk.x86_64.rpm
     e94cde92b9473c0ddad2742a0c45b248 x86_64/corporate/3.0/RPMS/xmltex-1.9-41.3.C30mdk.x86_64.rpm
     26a8a6d2e01d0239d8f9f8dde35344af x86_64/corporate/3.0/SRPMS/tetex-2.0.2-14.3.C30mdk.src.rpm
     _______________________________________________________________________

     To upgrade automatically use MandrakeUpdate or urpmi. The verification
     of md5 checksums and GPG signatures is performed automatically for you.

     All packages are signed by Mandrakesoft for security. You can obtain
     the GPG public key of the Mandrakelinux Security Team by executing:

      gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

     You can view other update advisories for Mandrakelinux at:

      http://www.mandrakesoft.com/security/advisories

     If you want to report vulnerabilities, please contact

      security_linux-mandrake.com

     Type Bits/KeyID Date User ID
     pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
      <security linux-mandrake.com>
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)

    iD8DBQFCFVp/mqjQ0CJFipgRAmMkAJ9hFIa/TVrZXeIxPXx7RtcP6xosogCglT1b
    VzFPNr8PkLOW7iDOsBcdY7Y=
    =yrYe
    -----END PGP SIGNATURE-----


  • Next message: newbug Tseng: "Re: AWStats <= 6.4 Multiple vulnerabilities - can't reproduce in 6.3?"