From: Mandriva Security Team <security@mandriva.com.>
To: [email protected]Subject: MDKSA-2005:135 - Updated kdegraphics packages fix vulnerability
Message-Id: <E1E3JUj-0005PQ-Pc@mercury.mandriva.com.>
Sender: QATeam User <qateam@mercury.mandriva.com.>
Date: Thu, 11 Aug 2005 14:17:41 -0600
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: kdegraphics
Advisory ID: MDKSA-2005:135
Date: August 11th, 2005
Affected versions: 10.2
______________________________________________________________________
Problem Description:
A vulnerability in the kpdf KDE PDF viewer was discovered. An attacker
could construct a malicious PDF file that would cause kpdf to consume
all available disk space in /tmp when opened.
The updated packages have been patched to correct this problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2097
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.2:
dc99859286e4d0fed79e36a2234f968b 10.2/RPMS/kdegraphics-3.3.2-21.2.102mdk.i586.rpm
ef892e76c8facb4d4a6dfbdee38ba43f 10.2/RPMS/kdegraphics-common-3.3.2-21.2.102mdk.i586.rpm
d5c53c81977b6afc9e99489011138f96 10.2/RPMS/kdegraphics-kdvi-3.3.2-21.2.102mdk.i586.rpm
fa73712fe80d6781fc10e165ebf3f51b 10.2/RPMS/kdegraphics-kfax-3.3.2-21.2.102mdk.i586.rpm
9a120204e9d79af11c5d3155dfe62c5f 10.2/RPMS/kdegraphics-kghostview-3.3.2-21.2.102mdk.i586.rpm
82083ee778f6ef85caef00374f81ca93 10.2/RPMS/kdegraphics-kiconedit-3.3.2-21.2.102mdk.i586.rpm
c08c81b8100c411db62eb57060cffc10 10.2/RPMS/kdegraphics-kolourpaint-3.3.2-21.2.102mdk.i586.rpm
c47bd293b26c83efcf232ff0289cfb76 10.2/RPMS/kdegraphics-kooka-3.3.2-21.2.102mdk.i586.rpm
f5a4851fd0bf983c8bb7cf84b4ea5d70 10.2/RPMS/kdegraphics-kpaint-3.3.2-21.2.102mdk.i586.rpm
d9eb92a5b8563d352a024edf46697ba2 10.2/RPMS/kdegraphics-kpdf-3.3.2-21.2.102mdk.i586.rpm
5966cff09aa2fc0ccfa7e20c90cf685e 10.2/RPMS/kdegraphics-kpovmodeler-3.3.2-21.2.102mdk.i586.rpm
56a56d26e4f8d76b2d9767c984adbff8 10.2/RPMS/kdegraphics-kruler-3.3.2-21.2.102mdk.i586.rpm
6a3a3bf1536264dfb3fcb76234ea1f53 10.2/RPMS/kdegraphics-ksnapshot-3.3.2-21.2.102mdk.i586.rpm
58939be6689e882e9333131ba7ae34b4 10.2/RPMS/kdegraphics-ksvg-3.3.2-21.2.102mdk.i586.rpm
b8ab358a9c108a0287c3fc91b4c5b6ce 10.2/RPMS/kdegraphics-kuickshow-3.3.2-21.2.102mdk.i586.rpm
855cf3cbbdcc291f148c56d1d96ccd38 10.2/RPMS/kdegraphics-kview-3.3.2-21.2.102mdk.i586.rpm
94786f5cba3f6708307264d85eca1cf6 10.2/RPMS/kdegraphics-mrmlsearch-3.3.2-21.2.102mdk.i586.rpm
df4b7c27e0840c93afa31723bddfec8f 10.2/RPMS/libkdegraphics0-common-3.3.2-21.2.102mdk.i586.rpm
8eb00f01f5aebf9c8c8f02731924ee36 10.2/RPMS/libkdegraphics0-common-devel-3.3.2-21.2.102mdk.i586.rpm
6a468ed84919e033d42aa948beaf3086 10.2/RPMS/libkdegraphics0-kghostview-3.3.2-21.2.102mdk.i586.rpm
351a74ef90d41124b3bb635bc38f9d09 10.2/RPMS/libkdegraphics0-kghostview-devel-3.3.2-21.2.102mdk.i586.rpm
ddfa6189d773023f2ea9d44755e4469a 10.2/RPMS/libkdegraphics0-kooka-3.3.2-21.2.102mdk.i586.rpm
d1a3935ca53fc9a24199f7e14c899b14 10.2/RPMS/libkdegraphics0-kooka-devel-3.3.2-21.2.102mdk.i586.rpm
e1d9efd2588cfcc38d4dcce4acb58d0f 10.2/RPMS/libkdegraphics0-kpovmodeler-3.3.2-21.2.102mdk.i586.rpm
b0b7ca65dd69cb59a2a3eda210953d1c 10.2/RPMS/libkdegraphics0-kpovmodeler-devel-3.3.2-21.2.102mdk.i586.rpm
8e8b5a4edc7b45bcf1be1e3d46a6757a 10.2/RPMS/libkdegraphics0-ksvg-3.3.2-21.2.102mdk.i586.rpm
834f3866fe6ba195307487f449b58d4d 10.2/RPMS/libkdegraphics0-ksvg-devel-3.3.2-21.2.102mdk.i586.rpm
ac457fab7ebfea9f0c519ab1ec2f32cd 10.2/RPMS/libkdegraphics0-kuickshow-3.3.2-21.2.102mdk.i586.rpm
47092acf77b769b620ba9748ca868a22 10.2/RPMS/libkdegraphics0-kview-3.3.2-21.2.102mdk.i586.rpm
7f97d956309b0467359f3f522f897a9a 10.2/RPMS/libkdegraphics0-kview-devel-3.3.2-21.2.102mdk.i586.rpm
315a93ebae47bbb647125c385a8e3d3f 10.2/RPMS/libkdegraphics0-mrmlsearch-3.3.2-21.2.102mdk.i586.rpm
ff7a54a756406bdd58e4159476e78114 10.2/SRPMS/kdegraphics-3.3.2-21.2.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
371492535d90510377975b818b6cceb2 x86_64/10.2/RPMS/kdegraphics-3.3.2-21.2.102mdk.x86_64.rpm
b1678ad78ea0ffd304eebfda97279256 x86_64/10.2/RPMS/kdegraphics-common-3.3.2-21.2.102mdk.x86_64.rpm
ddc17693e76485b149dfc6d83197bee8 x86_64/10.2/RPMS/kdegraphics-kdvi-3.3.2-21.2.102mdk.x86_64.rpm
fd3d77c9cc5348ee046c2660b61d7015 x86_64/10.2/RPMS/kdegraphics-kfax-3.3.2-21.2.102mdk.x86_64.rpm
aefbbdd70bf5b13577bb7ae5e0580046 x86_64/10.2/RPMS/kdegraphics-kghostview-3.3.2-21.2.102mdk.x86_64.rpm
9382bb409c6f2bd78c25dd4bd9c099e0 x86_64/10.2/RPMS/kdegraphics-kiconedit-3.3.2-21.2.102mdk.x86_64.rpm
2693a7332d9a02ed059535f97f87d395 x86_64/10.2/RPMS/kdegraphics-kolourpaint-3.3.2-21.2.102mdk.x86_64.rpm
5fafa0928c09d3ae9779b75141c6117c x86_64/10.2/RPMS/kdegraphics-kooka-3.3.2-21.2.102mdk.x86_64.rpm
64633c041bd2dced17eb2cbc10d0d2b7 x86_64/10.2/RPMS/kdegraphics-kpaint-3.3.2-21.2.102mdk.x86_64.rpm
7e1953e64b8807f6f1f5259461eb34b1 x86_64/10.2/RPMS/kdegraphics-kpdf-3.3.2-21.2.102mdk.x86_64.rpm
00bb60faa9ef9a7ec21e3525ed5561d4 x86_64/10.2/RPMS/kdegraphics-kpovmodeler-3.3.2-21.2.102mdk.x86_64.rpm
f247e4c766652d2d3a15986881a11cf1 x86_64/10.2/RPMS/kdegraphics-kruler-3.3.2-21.2.102mdk.x86_64.rpm
85431fe8e530992bd49ca69a59f0e2b3 x86_64/10.2/RPMS/kdegraphics-ksnapshot-3.3.2-21.2.102mdk.x86_64.rpm
8cee3225a9e7298698d2574a77686762 x86_64/10.2/RPMS/kdegraphics-ksvg-3.3.2-21.2.102mdk.x86_64.rpm
e97f0429d28ec59c7b5afc27b9761af8 x86_64/10.2/RPMS/kdegraphics-kuickshow-3.3.2-21.2.102mdk.x86_64.rpm
b9e87ae4b7fed624ba20c120d675b319 x86_64/10.2/RPMS/kdegraphics-kview-3.3.2-21.2.102mdk.x86_64.rpm
19332441b7057b15755bdae3e37277ba x86_64/10.2/RPMS/kdegraphics-mrmlsearch-3.3.2-21.2.102mdk.x86_64.rpm
b0667c3aad4160080f92def692ad270f x86_64/10.2/RPMS/lib64kdegraphics0-common-3.3.2-21.2.102mdk.x86_64.rpm
4cc674f3a375954937366d2a52ca3662 x86_64/10.2/RPMS/lib64kdegraphics0-common-devel-3.3.2-21.2.102mdk.x86_64.rpm
dc2e8fef7c03828ee5393ffa98d3adf3 x86_64/10.2/RPMS/lib64kdegraphics0-kghostview-3.3.2-21.2.102mdk.x86_64.rpm
37b22f4c2eac765038ae559765f23532 x86_64/10.2/RPMS/lib64kdegraphics0-kghostview-devel-3.3.2-21.2.102mdk.x86_64.rpm
3b02ec29fc8abd8b4bf76a2e7bcf5cdd x86_64/10.2/RPMS/lib64kdegraphics0-kooka-3.3.2-21.2.102mdk.x86_64.rpm
caf54d100aa98e50aa8e13f9e8babc66 x86_64/10.2/RPMS/lib64kdegraphics0-kooka-devel-3.3.2-21.2.102mdk.x86_64.rpm
6b670ee7d4e90ecc6447f3cc402b4912 x86_64/10.2/RPMS/lib64kdegraphics0-kpovmodeler-3.3.2-21.2.102mdk.x86_64.rpm
4521f77d6fc03815c5b011fd8b8e9d0f x86_64/10.2/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.3.2-21.2.102mdk.x86_64.rpm
af03e92003c944d8017a669cbdccc264 x86_64/10.2/RPMS/lib64kdegraphics0-ksvg-3.3.2-21.2.102mdk.x86_64.rpm
626457c41e46b369d565ef3c01e86e08 x86_64/10.2/RPMS/lib64kdegraphics0-ksvg-devel-3.3.2-21.2.102mdk.x86_64.rpm
bc981122de4936cf0e388c2fcf0ef9de x86_64/10.2/RPMS/lib64kdegraphics0-kuickshow-3.3.2-21.2.102mdk.x86_64.rpm
5a7aced477550ecfa7ed0df1b11f782b x86_64/10.2/RPMS/lib64kdegraphics0-kview-3.3.2-21.2.102mdk.x86_64.rpm
d99b9d3d03d3bf550abd28f174acd8e8 x86_64/10.2/RPMS/lib64kdegraphics0-kview-devel-3.3.2-21.2.102mdk.x86_64.rpm
afe126ed795de6981081bdd1c84b704e x86_64/10.2/RPMS/lib64kdegraphics0-mrmlsearch-3.3.2-21.2.102mdk.x86_64.rpm
ff7a54a756406bdd58e4159476e78114 x86_64/10.2/SRPMS/kdegraphics-3.3.2-21.2.102mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFC+7JlmqjQ0CJFipgRAkCiAJwO24cmq1iX8pVhjsVtbLwNvRfUmwCcC0+h
ylLnIDyglGnzIxkz0ZAG1AM=
=eD4j
-----END PGP SIGNATURE-----