| ||||||||||||||||
Ubuntu alert USN-163-1 (xpdf)
=========================================================== Ubuntu Security Notice USN-163-1 August 09, 2005 xpdf vulnerability CAN-2005-2097 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: xpdf-reader xpdf-utils kpdf The problem can be corrected by upgrading the affected package to version 3.00-8ubuntu1.5 (for Ubuntu 4.10), or 3.00-11ubuntu3.1 (xpdf-reader and xpdf-utils for Ubuntu 5.04) and 4:3.4.0-0ubuntu3.1 (kpdf for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: xpdf and kpdf did not sufficiently verify the validity of the "loca" table in PDF files, a table that contains glyph description information for embedded TrueType fonts. After detecting the broken table, xpdf attempted to reconstruct the information in it, which caused the generation of a huge temporary file that quickly filled up available disk space and rendered the application unresponsive. The CUPS printing system in Ubuntu 5.04 uses the xpdf-utils package to convert PDF files to PostScript. By attempting to print such a crafted PDF file, a remote attacker could cause a Denial of Service in a print server. The CUPS system in Ubuntu 4.10 is not vulnerable against this attack. Updated packages for Ubuntu 4.10 (Warty Warthog): Source archives: http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 49233 4cd029c1e95456692b26dcfdb6d53ce8 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 798 bcb68e7e2d6af0bc9e67f87124ac8bda http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 534697 95294cef3031dd68e65f331e8750b2c2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-c... Size/MD5: 56848 14aa94843443c88cb173285fad7f22e0 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 1278 7cb9919819da78b2fd00dcae61bb8c46 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-r... Size/MD5: 667122 d63c5a97a615fc4f6996eb1c0e0db8d4 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-u... Size/MD5: 1271460 ba0726cc5834f5c2484241ba3a708a18 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-r... Size/MD5: 631952 4b765c67380a65b3495411cfae390a76 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-u... Size/MD5: 1193432 1c81c58d022a9fc295121d7e3015bda3 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-r... Size/MD5: 693470 7b484b13228992748cc7005fd6aba632 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-u... Size/MD5: 1311586 8f8dcd99c4de8d58985caa4e3c0e7f8f Updated packages for Ubuntu 5.04 (Hoary Hedgehog): Source archives: http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 48457 66dae2ebe77d6c534341081053de0ad4 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 788 416e2f1981d1ee9ee840fea169647dd5 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 534697 95294cef3031dd68e65f331e8750b2c2 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 154890 bc6483123ff12803fffe3aa2bda692d3 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 1373 7a956fb702674a455d412820e0451495 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 8099991 c60ab0a0d727701144b5342dcbee201a Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-c... Size/MD5: 56544 3d224afc953de8a9b435442e660605ee http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3... Size/MD5: 1276 9005b58cff86bb092a9517f5f23922a4 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 10300 ec94e5f36fb820b7d4bac5cd2ac33534 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-r... Size/MD5: 666982 fac1e20d36a73d5ce7fd9ab14687e334 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-u... Size/MD5: 1271400 7a81fc269ab824bbd33a229c77dceaad http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 81916 ba96be6d955eea5a25f243099b96fc98 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 93520 af0a0643f8e6239dca5ebfabb7542279 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 58796 56d634ffdf6a30b2b1f6befe87284c7b http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 264398 a76e455377a8186876e92b637ba4d812 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 504812 39329ab1c8c37c7e20fc3586ca34dc1e http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 142990 f5f4425b604a830058e0e1dc858a8f1d http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 76088 7cacd1083ecc2af8bbd8c74bfd4e6e0f http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 231168 d5e0053c78445904724f39dd577f5053 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 137534 bb441cb229f3fbdd86da8784d7c6c75f http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 227596 0b0bc954f8723130a145bf1ee70168f5 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 798720 831c2bfa32699f271a0fed894f271c0f http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 753156 278e9b51ac65ee737692d49ca65fb5e0 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 657458 50e033dc500e0186702419239dd9536c http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 2239588 1db84a1b3b77b69b50b2902746411fb1 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 56308 209b274d36be561c22705578e1bc7656 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 132142 3762b1853a272edce602dddf68d57a7c http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 1216632 899ceb59f17a0163b78bd8d5cf48eca3 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 471318 39e2e4c6a32ecdf4021e7e0a9ad9530a http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 685498 a16981238b4a1d0041fa43a3b743424f http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 255776 e3a8bde867881d5de2403aee14722597 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 9700 fb007ba8f7cb7a94e77eb2daa20348f0 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 133834 ffc81571e412551c39b1cad094d0b9a3 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-r... Size/MD5: 631920 01510acbcd8381c6606e6e1c00b0ea0e http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-u... Size/MD5: 1193890 b757f37d5108f0aa597490dc399c33ff http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 78352 311f0453459518f68031a60b4633643a http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 86298 5ef24892b3707c4e3992275da924a4a0 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 58798 2d4eeecf709b0d0c08924710158ccfe2 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 221794 9a6304ce578d798d86abbb324bcda58c http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 495944 2304daead52107020e668044373d794e http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 135958 9892ecb3e9f604b2327113ad2b9dfa5a http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 73232 50089e6ec7b1acfac746d492cda20beb http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 220250 f47201168e9c6e2cd3ff618b3577c2fe http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 126060 ef39bd9a675e8e7201f42c06ad224f59 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 210146 d95c29cd7b0b33d3bc1ff3538f0989d4 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 766914 cade32ee0e0832ecbf2d358baa04dade http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 738262 107240bf57ce6d381305094289616124 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 611796 9c2cce47121d9ac7f456e92024fc1d5a http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 2168772 8fee82a345bea676764cd9373c60d802 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 54816 4de21ab1116d2fe44b3063284742a542 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 128778 f40d74f86c84c3c02dc032133f022b69 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 1195566 018488d1d644a30a4eab558b36ab58db http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 463408 b1f830fcfae3200986b32dd6088abad7 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 648282 dc4d632c41f0f49f183c9e1388b8354a http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 237694 7747872b0920530b186ca884208566c7 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 9696 00a5c7cd8fe7c6c42ad4bf961c25d9b8 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 125086 c55fe18ca690db7e8583b25ed87570c2 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-r... Size/MD5: 693162 60c5ad23ed7ca7915f4e11aae250db82 http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-u... Size/MD5: 1311540 2b8690e3044f7b88760c5acef63bbcee http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 79062 6ebe3fd2395a6da4347aab787f9bb33e http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 88208 3d4c5c33a7fbde54525fec264ac0599f http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 58808 85c91edda625847e6eeccdb0d2a01e11 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 260346 2ac7795f52efc1c821041284b1e9cf00 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 493320 a6cfdea42e87d5c57c231134288e96de http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 138464 0e1b165ae8abe63c431ed5e050720b52 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 73874 6b20857f99469b77a539049fcc0c33a4 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 222482 081566f7c026eb2447faec407dfb86d6 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 127262 5d17635f5447882bd3a69338135f2746 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 215724 a8f03074461cd1cb7029104be0f6f536 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 756880 b7e2c36791baad6b8d95b0a421ea720f http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 738244 d7d81cbf500bcdbc5ea7513da4aba3c7 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 628970 b4bd7761e217af8b727257a42ec7bc58 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 2151892 9c15e838f10940a000d82cfcb690ea60 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 54402 530562c13d720afadca85773f9c8936e http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 128500 29bf768d0f438d74e2d4ce8e3cc3e026 http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 1178820 5c42d32c9e9bd1d32d314473e1e2be8e http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 465182 2fcd8f23d26ae6c1955fe61c4ce2763b http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 682210 3c3c96dbdd52a9fc202b8efb16c4efee http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 238610 c2ead499fb239970ec1f04b92e743af2 http://security.ubuntu.com/ubuntu/pool/universe/k/kdegrap... Size/MD5: 9696 2d68e1ebd7b569a7b99398699ec85f5f http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics... Size/MD5: 126898 15908f0ef707a5d6dd7421f9108871b5 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-... (Log in to post comments)
|
||||||||||||||||