-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 599-1 security@xxxxxxxxxx http://www.debian.org/security/ Martin Schulze November 25th, 2004 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : tetex-bin Vulnerability : integer overflows Problem-Type : remote Debian-specific: no CVE ID : CAN-2004-0888 Debian Bug : 278298 Chris Evans discovered several integer overflows in xpdf, that are also present in tetex-bin, binary files for the teTeX distribution, which can be exploited remotely by a specially crafted PDF document and lead to the execution of arbitrary code. For the stable distribution (woody) these problems have been fixed in version 20011202-7.3. For the unstable distribution (sid) these problems have been fixed in version 2.0.2-23. We recommend that you upgrade your tetex-bin packages. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3.dsc Size/MD5 checksum: 874 0774ffbc5e428a21939d7d10070ef12b http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3.tar.gz Size/MD5 checksum: 10329770 9ffa7015b10981c3524e8d6147f2c077 Alpha architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_alpha.deb Size/MD5 checksum: 84664 7b82ef947ccbd60c57e31fa1cdbceeae http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_alpha.deb Size/MD5 checksum: 53042 e14d212ec7d9a21859b443ea11210d12 http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_alpha.deb Size/MD5 checksum: 4568870 d8a00aedde830f02a46f70ae97bcdfbc ARM architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_arm.deb Size/MD5 checksum: 65256 c7fb486f0e58d6f90a080313ade6d980 http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_arm.deb Size/MD5 checksum: 43610 acf504677a35232f075cb6368cb73c4f http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_arm.deb Size/MD5 checksum: 3703874 25b4e1d62d2b010382bb74e610f7de32 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_i386.deb Size/MD5 checksum: 62598 6c11adfac9cbe8007aa89fa91bef57da http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_i386.deb Size/MD5 checksum: 40742 afda3a9de40083b9fb4a9d92a57749f3 http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_i386.deb Size/MD5 checksum: 3137234 898331b25326db5114be3fde93b191d1 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_ia64.deb Size/MD5 checksum: 89716 c18229e93ad1bcd55a4baf9236798545 http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_ia64.deb Size/MD5 checksum: 63354 67c881d278113cd980dcfba6b52b2b1a http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_ia64.deb Size/MD5 checksum: 5598790 7e42e2710c659668fd6cb49ee73d333d HP Precision architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_hppa.deb Size/MD5 checksum: 79336 56b55b712e71ff618a1f861fe79ec21c http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_hppa.deb Size/MD5 checksum: 49324 8577bdb403711604e3ff31cef86a9f1a http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_hppa.deb Size/MD5 checksum: 4106740 0f07a18dd4762a7d4bd5ea0881b8a80e Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_m68k.deb Size/MD5 checksum: 61894 645b35f6e1d139a50f2fbd33be3c985b http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_m68k.deb Size/MD5 checksum: 41370 7b6ce68854bf90f1914f90d386a83dcf http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_m68k.deb Size/MD5 checksum: 2923076 de62311a6c75ca949adf65b09c5d0722 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_mips.deb Size/MD5 checksum: 75110 725f811a3b30630c84fa63137eca473d http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_mips.deb Size/MD5 checksum: 42380 a89bb43e57cfb784e5b9193177c7894e http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_mips.deb Size/MD5 checksum: 3941306 2e93d929facb57b8a3500780c00c2335 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_mipsel.deb Size/MD5 checksum: 74908 973bf6cec0fd0f972d1e159e1565953c http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_mipsel.deb Size/MD5 checksum: 42592 360874783cafee5a52b11a9f34cca859 http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_mipsel.deb Size/MD5 checksum: 3899668 a8f1b96d1cd98bbb47ab0a685d719695 PowerPC architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_powerpc.deb Size/MD5 checksum: 73942 631231dd210da928ae371d327d1d9c19 http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_powerpc.deb Size/MD5 checksum: 45282 0452f97d7b0fa7d385c2bbe1f7f9010f http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_powerpc.deb Size/MD5 checksum: 3587232 c4895e69f2428a9641418ebc751fe7d3 IBM S/390 architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_s390.deb Size/MD5 checksum: 64264 a1d4534009c6c82335c5231869b921d9 http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_s390.deb Size/MD5 checksum: 43760 ead82804aaee31f3ba40d98d6d11ed7b http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_s390.deb Size/MD5 checksum: 3441172 8ca00fddab7f9c3c612e6ac3db9889a4 Sun Sparc architecture: http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_sparc.deb Size/MD5 checksum: 70710 d0e1d6a50ca4dfbe852445d6b49b1a40 http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_sparc.deb Size/MD5 checksum: 48748 907d98a1136cfd90f0678497728885d0 http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_sparc.deb Size/MD5 checksum: 3598666 0deea34aef2ec55cb04eb8f93204d2f2 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFBpfC4W5ql+IAeqTIRAkfJAJ0WxP0zV5CTgCOBQFLHRwiLsRUCvwCgkTQt AYT6xca57KtGVtMIKxy6HXk= =M2UP -----END PGP SIGNATURE-----
