LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Debian alert DSA-2048-1 (dvipng)



From:
    	      Sebastien Delafond <seb@debian.org> 


To:
    	      debian-security-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DSA 2048-1] New dvipng packages fix arbitrary code execution 


Date:
    	      Sun, 23 May 2010 19:46:17 +0200


Message-ID:
    	      <20100523174617.GA3585@galadriel.inutil.org>


Archive-link:
    	      Article, Thread
              


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-2048-1                  security@debian.org
http://www.debian.org/security/                       Sébastien Delafond
May 22, 2010                          http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : dvipng
Vulnerability  : buffer overflow
Problem type   : remote  (local)
Debian-specific: no
CVE Id         : CVE-2010-0829
Debian Bug     : 580628

Dan Rosenberg discovered that in dvipng, a utility that converts DVI
files to PNG graphics, several array index errors allow context-dependent
attackers, via a specially crafted DVI file, to cause a denial of
service (crash of the application), and possibly arbitrary code 
execution.

For the stable distribution (lenny), this problem has been fixed in
version dvipng_1.11-1+lenny1.

For the testing distribution (squeeze), this problem has been fixed in
version 1.13-1.

For the unstable distribution (sid), this problem has been fixed in
version 1.13-1.

We recommend that you upgrade your dvipng package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.



Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc,
s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:     1247 5fd57a58d4a2ad2f181b40d62a82209b
  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:   167331 6afa95aec70e4c5934268cff0443f89c
  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:     5339 2571009cb2724cfe45b5fe94db251f0b

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    93636 16b8ca63a96aecc12bd6e309c6a608f8

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    87770 b07729747b5dcb1c933d97d1f94e90cc

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    85636 cc66a026f0689c667950fefa2eb29769

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    89092 3e96d086253f9f7fa56bb9ede4796ece

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    92524 4f81645ecf4c52b1d7f7fc60c03db55d

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    84348 d4566ba776a65898e062fc236439dbef

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:   117128 03e4493aaa27aec9dd91794155259d2f

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    90266 ce828f225b7a34dd9ad28cf42fef53cf

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    90216 18cab555f94d090eb7bfdfe53afbbf6c

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/d/dvipng/dvi...
    Size/MD5 checksum:    85972 bfcdd63e7dfb2d87a0c4e15719d01a9c


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkv5aY8ACgkQXm3vHE4uylruxACdHeEoegutheTKs7HoOJz+lfx+
rEYAnjyLKe9xyF8MeP1n9iRbOKBIy5TJ
=oGgk
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20100523174617.GA3585@galadriel.i...
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds