BugTraq
[ MDVSA-2011:005 ] evince Jan 13 2011 03:28PM
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:005
http://www.mandriva.com/security/
_______________________________________________________________________

Package : evince
Date : January 13, 2011
Affected: 2010.0, 2010.1, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in evince:

Array index error in the PK and VF font parser in the dvi-backend
component in Evince 2.32 and earlier allows remote attackers to
cause a denial of service (application crash) or possibly execute
arbitrary code via a crafted font in conjunction with a DVI file that
is processed by the thumbnailer (CVE-2010-2640, CVE-2010-2641).

Heap-based buffer overflow in the AFM font parser in the dvi-backend
component in Evince 2.32 and earlier allows remote attackers to
cause a denial of service (application crash) or possibly execute
arbitrary code via a crafted font in conjunction with a DVI file that
is processed by the thumbnailer (CVE-2010-2642).

Integer overflow in the TFM font parser in the dvi-backend component in
Evince 2.32 and earlier allows remote attackers to execute arbitrary
code via a crafted font in conjunction with a DVI file that is
processed by the thumbnailer (CVE-2010-2643).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.0:
e079913edf4d4f3073865b7d49fe799e 2010.0/i586/evince-2.28.1-1.1mdv2010.0.i586.rpm
799a7a19999cca73b787ea557fabe48b 2010.0/i586/libevince1-2.28.1-1.1mdv2010.0.i586.rpm
9da45de2f8808622d87310139ab0cd57 2010.0/i586/libevince-devel-2.28.1-1.1mdv2010.0.i586.rpm
8cf3fc28bc224cb6d798986b83ff214b 2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
7f547bd0f819bb294155a77992dc3867 2010.0/x86_64/evince-2.28.1-1.1mdv2010.0.x86_64.rpm
b49ee796665b1f3690aa8604f398da6f 2010.0/x86_64/lib64evince1-2.28.1-1.1mdv2010.0.x86_64.rpm
2d4d32da719f789cab879b3a057c31e8 2010.0/x86_64/lib64evince-devel-2.28.1-1.1mdv2010.0.x86_64.rpm
8cf3fc28bc224cb6d798986b83ff214b 2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.1:
89ccc35a168dc271615257ca3b9dc15b 2010.1/i586/evince-2.30.3-1.1mdv2010.2.i586.rpm
680a161ca4937b9624d76313f66ece67 2010.1/i586/libevince2-2.30.3-1.1mdv2010.2.i586.rpm
5f2992bce84180aa51ff1b7a6ceb8ff1 2010.1/i586/libevince-devel-2.30.3-1.1mdv2010.2.i586.rpm
1c0b1ce4cb6374b5d83f620669e2ff7f 2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
92b2edf7ebcbc5562b3664d328cfbb84 2010.1/x86_64/evince-2.30.3-1.1mdv2010.2.x86_64.rpm
258d61dca83a88e6a4560e0793ebc35f 2010.1/x86_64/lib64evince2-2.30.3-1.1mdv2010.2.x86_64.rpm
04afd91e85be6701d28e0b1164e7e41f 2010.1/x86_64/lib64evince-devel-2.30.3-1.1mdv2010.2.x86_64.rpm
1c0b1ce4cb6374b5d83f620669e2ff7f 2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

Mandriva Enterprise Server 5:
c5187d89da4344a18e4b757f51946671 mes5/i586/evince-2.24.0-2.2mdvmes5.1.i586.rpm
5a81c37bff705aa4b7b9cb8e96a4cbb2 mes5/i586/libevince0-2.24.0-2.2mdvmes5.1.i586.rpm
9e1c0400a275f99fa3a1350b4328e84e mes5/i586/libevince-devel-2.24.0-2.2mdvmes5.1.i586.rpm
d4ac7e1574b982ec49d34cfb61026c77 mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
8f672ce32264b8ca99f5540972a3a7f8 mes5/x86_64/evince-2.24.0-2.2mdvmes5.1.x86_64.rpm
0882e7a97b30c1ecf1ebf7c1dd1bb191 mes5/x86_64/lib64evince0-2.24.0-2.2mdvmes5.1.x86_64.rpm
9bce986a11c112a50911390d965be0c9 mes5/x86_64/lib64evince-devel-2.24.0-2.2mdvmes5.1.x86_64.rpm
d4ac7e1574b982ec49d34cfb61026c77 mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNLuyrmqjQ0CJFipgRAi8kAKC7zVrpdQxiuU7w+oVNpNi2l8gAzACfQ14D
YAUn/R+xAZUWOs8ScQUXjXI=
=C2wo
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus