User: Password:
|
|
Subscribe / Log in / New account

Mandrake alert MDKSA-2005:019 (koffice)

From:  Mandrake Linux Security Team <security@linux-mandrake.com>
To:  security-announce@linux-mandrake.com
Subject:  [Security Announce] MDKSA-2005:019 - Updated koffice packages fix buffer overflow vulnerability
Date:  Tue, 25 Jan 2005 21:47:58 -0700

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandrakelinux Security Update Advisory _______________________________________________________________________ Package name: koffice Advisory ID: MDKSA-2005:019 Date: January 25th, 2005 Affected versions: 10.0, 10.1, Corporate Server 3.0 ______________________________________________________________________ Problem Description: A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. Koffice uses xpdf code and is susceptible to the same vulnerability. The updated packages have been patched to prevent these problems. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 ______________________________________________________________________ Updated Packages: Mandrakelinux 10.0: d620ab0db67c4e25f755ee62cf1a474a 10.0/RPMS/koffice-1.3-12.2.100mdk.i586.rpm ade52f0ac258267ae8614502fabc8ab2 10.0/RPMS/libkoffice2-1.3-12.2.100mdk.i586.rpm 280135355e26e3baab14f63628c97dc2 10.0/RPMS/libkoffice2-devel-1.3-12.2.100mdk.i586.rpm d46d3a868900d7ab94aeaa34deea1018 10.0/SRPMS/koffice-1.3-12.2.100mdk.src.rpm Mandrakelinux 10.0/AMD64: 04bf5f31e92516f1c0458ba12c930a48 amd64/10.0/RPMS/koffice-1.3-12.2.100mdk.amd64.rpm eec5070100e0ddbc03d4e0c55dfe1be3 amd64/10.0/RPMS/lib64koffice2-1.3-12.2.100mdk.amd64.rpm 065702b188f8ea68df6493da6cdbd660 amd64/10.0/RPMS/lib64koffice2-devel-1.3-12.2.100mdk.amd64.rpm d46d3a868900d7ab94aeaa34deea1018 amd64/10.0/SRPMS/koffice-1.3-12.2.100mdk.src.rpm Mandrakelinux 10.1: c0530b7a5fa5542752b8998c31acce9e 10.1/RPMS/koffice-1.3.3-2.2.101mdk.i586.rpm 7d18d56f064133b241d2c454e817eb38 10.1/RPMS/koffice-karbon-1.3.3-2.2.101mdk.i586.rpm 9622c8c9f7876aa3d159532486117c5d 10.1/RPMS/koffice-kformula-1.3.3-2.2.101mdk.i586.rpm 4389b3cd90e57052424417f7a8dd4ceb 10.1/RPMS/koffice-kivio-1.3.3-2.2.101mdk.i586.rpm 361459b34c382e1c1382b483a92a6756 10.1/RPMS/koffice-koshell-1.3.3-2.2.101mdk.i586.rpm 15e865d609a58ac2783e8d25fde0418e 10.1/RPMS/koffice-kpresenter-1.3.3-2.2.101mdk.i586.rpm 65a868b881015cfd2376748526902fc8 10.1/RPMS/koffice-kspread-1.3.3-2.2.101mdk.i586.rpm 6587cc22182a858158cd8aea2afcba64 10.1/RPMS/koffice-kugar-1.3.3-2.2.101mdk.i586.rpm caf4007f0343e29a69d10a057af99c83 10.1/RPMS/koffice-kword-1.3.3-2.2.101mdk.i586.rpm da30f2308d7158089c383ca4a99d72ea 10.1/RPMS/koffice-progs-1.3.3-2.2.101mdk.i586.rpm 5784ad20ba835bd54cd95dc24d713253 10.1/RPMS/libkoffice2-karbon-1.3.3-2.2.101mdk.i586.rpm 8eda23533d992bb34d12c7bac00030be 10.1/RPMS/libkoffice2-kformula-1.3.3-2.2.101mdk.i586.rpm a7923dede9bb79346bab697142346ec1 10.1/RPMS/libkoffice2-kivio-1.3.3-2.2.101mdk.i586.rpm 5cc52af39aa57938d7edae0d640fc968 10.1/RPMS/libkoffice2-koshell-1.3.3-2.2.101mdk.i586.rpm e4bec26f95e1f55ced770cafd320e335 10.1/RPMS/libkoffice2-kpresenter-1.3.3-2.2.101mdk.i586.rpm a8e1b736a8a3924cc39495a32b6ad223 10.1/RPMS/libkoffice2-kspread-1.3.3-2.2.101mdk.i586.rpm 5d1e64e28d69771aa4709791547f3802 10.1/RPMS/libkoffice2-kspread-devel-1.3.3-2.2.101mdk.i586.rpm 81bbf226aca53b9ad14c7522f3302191 10.1/RPMS/libkoffice2-kugar-1.3.3-2.2.101mdk.i586.rpm e0c51ed40247b0d0715c6a67e9c0dfdc 10.1/RPMS/libkoffice2-kugar-devel-1.3.3-2.2.101mdk.i586.rpm 1403e58e5586b3dc41d874fb7f76992f 10.1/RPMS/libkoffice2-kword-1.3.3-2.2.101mdk.i586.rpm 77afbcf9c3603ec9cfae784e0d2ed43b 10.1/RPMS/libkoffice2-kword-devel-1.3.3-2.2.101mdk.i586.rpm 37a4b0ca89f95d47850392303f6774a1 10.1/RPMS/libkoffice2-progs-1.3.3-2.2.101mdk.i586.rpm 2219d9fdc81fcf660d60e15319e9943d 10.1/RPMS/libkoffice2-progs-devel-1.3.3-2.2.101mdk.i586.rpm 618a562fb56d40e4ecfd730d2b1be49b 10.1/SRPMS/koffice-1.3.3-2.2.101mdk.src.rpm Mandrakelinux 10.1/X86_64: d9cf8ecb69c8d7ccc2f0168ee078b3d3 x86_64/10.1/RPMS/koffice-1.3.3-2.2.101mdk.x86_64.rpm 460dd9a91e6e82323e110bf052371a52 x86_64/10.1/RPMS/koffice-karbon-1.3.3-2.2.101mdk.x86_64.rpm 3ae887f0ac3679219721611c1f05697d x86_64/10.1/RPMS/koffice-kformula-1.3.3-2.2.101mdk.x86_64.rpm 49efb5347574454645adca560a81f911 x86_64/10.1/RPMS/koffice-kivio-1.3.3-2.2.101mdk.x86_64.rpm 6f4a57a3d88a88ea7a179b4a1a113de9 x86_64/10.1/RPMS/koffice-koshell-1.3.3-2.2.101mdk.x86_64.rpm d5be06b78eb1a0d2606be0deaa45a4a8 x86_64/10.1/RPMS/koffice-kpresenter-1.3.3-2.2.101mdk.x86_64.rpm 96ed4e467d93797e925f09c3ca150a0b x86_64/10.1/RPMS/koffice-kspread-1.3.3-2.2.101mdk.x86_64.rpm 41c1e39c0766d9ed0a823d8d5fa7499b x86_64/10.1/RPMS/koffice-kugar-1.3.3-2.2.101mdk.x86_64.rpm cc48202eb30adf7625464def2461901c x86_64/10.1/RPMS/koffice-kword-1.3.3-2.2.101mdk.x86_64.rpm 7b672b3f77fe1d16ba22fe266695ffa9 x86_64/10.1/RPMS/koffice-progs-1.3.3-2.2.101mdk.x86_64.rpm 3d73eb1169a9a1055c06e134bb366b9f x86_64/10.1/RPMS/lib64koffice2-karbon-1.3.3-2.2.101mdk.x86_64.rpm c31083fa21030ae3270b6623ae6cb29c x86_64/10.1/RPMS/lib64koffice2-kformula-1.3.3-2.2.101mdk.x86_64.rpm 228b5a7e9a0f71b59b00d89f79dd627b x86_64/10.1/RPMS/lib64koffice2-kivio-1.3.3-2.2.101mdk.x86_64.rpm 9ecf703ab3f988fb9cd914c46387bd21 x86_64/10.1/RPMS/lib64koffice2-koshell-1.3.3-2.2.101mdk.x86_64.rpm 456dea35aba11bdfbf3fe253939289b9 x86_64/10.1/RPMS/lib64koffice2-kpresenter-1.3.3-2.2.101mdk.x86_64.rpm 75e1f65af93ef7fb4f5a754b0c7bec31 x86_64/10.1/RPMS/lib64koffice2-kspread-1.3.3-2.2.101mdk.x86_64.rpm 9c44cfeb5ddf24bf0a7cb0f7cb2aab0a x86_64/10.1/RPMS/lib64koffice2-kspread-devel-1.3.3-2.2.101mdk.x86_64.rpm 7b18675837a38c393747a6dd4b6ccf4e x86_64/10.1/RPMS/lib64koffice2-kugar-1.3.3-2.2.101mdk.x86_64.rpm f570ef6a23fa7afc2fb4379329853999 x86_64/10.1/RPMS/lib64koffice2-kugar-devel-1.3.3-2.2.101mdk.x86_64.rpm 4a558d84ab7a2d547c35801aca5d3dbb x86_64/10.1/RPMS/lib64koffice2-kword-1.3.3-2.2.101mdk.x86_64.rpm ea2261303599a4c9d465304e27201f64 x86_64/10.1/RPMS/lib64koffice2-kword-devel-1.3.3-2.2.101mdk.x86_64.rpm 77ade17c9ac8c20c9cf55478dd12aff7 x86_64/10.1/RPMS/lib64koffice2-progs-1.3.3-2.2.101mdk.x86_64.rpm 996b4496c415ffdc41c56e5d0dba97b5 x86_64/10.1/RPMS/lib64koffice2-progs-devel-1.3.3-2.2.101mdk.x86_64.rpm 618a562fb56d40e4ecfd730d2b1be49b x86_64/10.1/SRPMS/koffice-1.3.3-2.2.101mdk.src.rpm Corporate Server 3.0: b487481d69017027aa30d300768f077e corporate/3.0/RPMS/koffice-1.3-12.2.C30mdk.i586.rpm 8b4d331f0944c61fb8e5077bca050c2f corporate/3.0/RPMS/libkoffice2-1.3-12.2.C30mdk.i586.rpm 4d1dae4b305ff73a186b3eaf41ab89bb corporate/3.0/RPMS/libkoffice2-devel-1.3-12.2.C30mdk.i586.rpm 4ce907e44911ae3797f7746e2b73188f corporate/3.0/SRPMS/koffice-1.3-12.2.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandrakelinux at: http://www.mandrakesoft.com/security/advisories If you want to report vulnerabilities, please contact security_linux-mandrake.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security linux-mandrake.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFB9yD+mqjQ0CJFipgRAqwNAJ93m5CjeU50ncwwcF1uzst71mQDogCeIN+p 4XAWLURtZZm3gDFX8G8WloY= =HhIw -----END PGP SIGNATURE----- ____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds