Home / vulnerabilities MDVSA-2008-173.txt
Posted on 20 August 2008
Source : packetstormsecurity.org Link
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:173
http://www.mandriva.com/security/
_______________________________________________________________________
Package : kdegraphics
Date : August 19, 2008
Affected: Corporate 4.0
_______________________________________________________________________
Problem Description:
Kees Cook of Ubuntu security found a flaw in how poppler prior
to version 0.6 displayed malformed fonts embedded in PDF files.
An attacker could create a malicious PDF file that would cause
applications using poppler to crash, or possibly execute arbitrary
code when opened (CVE-2008-1693).
This vulnerability also affected older versions of kpdf, so the
updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693
_______________________________________________________________________
Updated Packages:
Corporate 4.0:
c48c75be77960fbb394a2b1eeac6b181 corporate/4.0/i586/kdegraphics-3.5.4-0.8.20060mlcs4.i586.rpm
7ed79b015abce818dfec06dfba1c1380 corporate/4.0/i586/kdegraphics-common-3.5.4-0.8.20060mlcs4.i586.rpm
544e0b41ae1e8a30ad8df50a078558a1 corporate/4.0/i586/kdegraphics-kcolorchooser-3.5.4-0.8.20060mlcs4.i586.rpm
d2a9273cf9651705a5bb535a90d0136c corporate/4.0/i586/kdegraphics-kcoloredit-3.5.4-0.8.20060mlcs4.i586.rpm
766e1accbc92ae47315f36c49e033fe1 corporate/4.0/i586/kdegraphics-kdvi-3.5.4-0.8.20060mlcs4.i586.rpm
028c82916bebdeaa72eef92de8e8915b corporate/4.0/i586/kdegraphics-kfax-3.5.4-0.8.20060mlcs4.i586.rpm
5086b22bd13361fa5dbb98b58cca326b corporate/4.0/i586/kdegraphics-kghostview-3.5.4-0.8.20060mlcs4.i586.rpm
d2fc10f6a3692faefbd18b930ca6e8bb corporate/4.0/i586/kdegraphics-kiconedit-3.5.4-0.8.20060mlcs4.i586.rpm
b3999a4d4a09ac4287d4367739b65a4e corporate/4.0/i586/kdegraphics-kolourpaint-3.5.4-0.8.20060mlcs4.i586.rpm
f340936657f82cb8cb4f9be24eb0e0b1 corporate/4.0/i586/kdegraphics-kooka-3.5.4-0.8.20060mlcs4.i586.rpm
b284b87bbb08ee0c71a0274cbaaee22a corporate/4.0/i586/kdegraphics-kpdf-3.5.4-0.8.20060mlcs4.i586.rpm
2d8bae2c857ffed30979aeb2b7825698 corporate/4.0/i586/kdegraphics-kpovmodeler-3.5.4-0.8.20060mlcs4.i586.rpm
01f71322cb69831c2d85efd7c183221a corporate/4.0/i586/kdegraphics-kruler-3.5.4-0.8.20060mlcs4.i586.rpm
000750beeb8845c1ad83c737f43e2a7e corporate/4.0/i586/kdegraphics-ksnapshot-3.5.4-0.8.20060mlcs4.i586.rpm
5129a71c61bc26bc0b840cbe1f73a4fc corporate/4.0/i586/kdegraphics-ksvg-3.5.4-0.8.20060mlcs4.i586.rpm
af856c22dfa63a9e23374053a34b8acf corporate/4.0/i586/kdegraphics-kuickshow-3.5.4-0.8.20060mlcs4.i586.rpm
4008e583c8019451a0683b30e8edb011 corporate/4.0/i586/kdegraphics-kview-3.5.4-0.8.20060mlcs4.i586.rpm
97ae6b724e5f20dbda7e0a5e5624431a corporate/4.0/i586/kdegraphics-mrmlsearch-3.5.4-0.8.20060mlcs4.i586.rpm
6a6f33b0f940d78191be569dd414d67c corporate/4.0/i586/libkdegraphics0-common-3.5.4-0.8.20060mlcs4.i586.rpm
d212fda5331980b961d73d0c442ae628 corporate/4.0/i586/libkdegraphics0-common-devel-3.5.4-0.8.20060mlcs4.i586.rpm
b1d802051c290726d17dc9b643358324 corporate/4.0/i586/libkdegraphics0-kghostview-3.5.4-0.8.20060mlcs4.i586.rpm
d4c80288ea40e92742ac28ed99ce76c4 corporate/4.0/i586/libkdegraphics0-kghostview-devel-3.5.4-0.8.20060mlcs4.i586.rpm
c61d07979ea8a97200972581b4d41702 corporate/4.0/i586/libkdegraphics0-kooka-3.5.4-0.8.20060mlcs4.i586.rpm
0c7b3a2769ec6557dc08eb9575b97e57 corporate/4.0/i586/libkdegraphics0-kooka-devel-3.5.4-0.8.20060mlcs4.i586.rpm
af9abfc2e1c4e685155dc3f4eb33a2eb corporate/4.0/i586/libkdegraphics0-kpovmodeler-3.5.4-0.8.20060mlcs4.i586.rpm
98eff5d1ee0e0614bdc6a7a6bff56a1e corporate/4.0/i586/libkdegraphics0-kpovmodeler-devel-3.5.4-0.8.20060mlcs4.i586.rpm
b015cedc70056a8603f2b0ff0d67ad5b corporate/4.0/i586/libkdegraphics0-ksvg-3.5.4-0.8.20060mlcs4.i586.rpm
faaf4b28dd162997cd8f5c805ff99720 corporate/4.0/i586/libkdegraphics0-ksvg-devel-3.5.4-0.8.20060mlcs4.i586.rpm
3daea8370340ca1f94f08246c1c0d5f0 corporate/4.0/i586/libkdegraphics0-kview-3.5.4-0.8.20060mlcs4.i586.rpm
aaf91d76d1a39400da63bc0fa6e4529b corporate/4.0/i586/libkdegraphics0-kview-devel-3.5.4-0.8.20060mlcs4.i586.rpm
2fcf66b36cc00bf5312e8672358a77f2 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.8.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
45b1d1842cde5de28b039ea27b583258 corporate/4.0/x86_64/kdegraphics-3.5.4-0.8.20060mlcs4.x86_64.rpm
f8854845e1ec41724dd692c862ea5f2d corporate/4.0/x86_64/kdegraphics-common-3.5.4-0.8.20060mlcs4.x86_64.rpm
2053e876eb098bfd3e66335d1559dee0 corporate/4.0/x86_64/kdegraphics-kcolorchooser-3.5.4-0.8.20060mlcs4.x86_64.rpm
0ca9ea1f23a425faf11a34aa68278fae corporate/4.0/x86_64/kdegraphics-kcoloredit-3.5.4-0.8.20060mlcs4.x86_64.rpm
d0b3bfab1c6e06d3b280775ccb0148c4 corporate/4.0/x86_64/kdegraphics-kdvi-3.5.4-0.8.20060mlcs4.x86_64.rpm
de102515cd82fbb2d1a982276954a90b corporate/4.0/x86_64/kdegraphics-kfax-3.5.4-0.8.20060mlcs4.x86_64.rpm
2ab24fdd2bb4baab401adb33f0679937 corporate/4.0/x86_64/kdegraphics-kghostview-3.5.4-0.8.20060mlcs4.x86_64.rpm
ebb3e79e1dafdd462774b796963dbf44 corporate/4.0/x86_64/kdegraphics-kiconedit-3.5.4-0.8.20060mlcs4.x86_64.rpm
0ed728bf9dacf3bd74a60454474a14f0 corporate/4.0/x86_64/kdegraphics-kolourpaint-3.5.4-0.8.20060mlcs4.x86_64.rpm
518e3d032f68554987e927d13eda143c corporate/4.0/x86_64/kdegraphics-kooka-3.5.4-0.8.20060mlcs4.x86_64.rpm
31e391645ccac68d5845238b5b19f5bf corporate/4.0/x86_64/kdegraphics-kpdf-3.5.4-0.8.20060mlcs4.x86_64.rpm
dc8b45093d330089a51c5379f88eca27 corporate/4.0/x86_64/kdegraphics-kpovmodeler-3.5.4-0.8.20060mlcs4.x86_64.rpm
301db4e99da585e2ffd70c221fac1ceb corporate/4.0/x86_64/kdegraphics-kruler-3.5.4-0.8.20060mlcs4.x86_64.rpm
0d0cf2122a0f2024253fada72c249ce5 corporate/4.0/x86_64/kdegraphics-ksnapshot-3.5.4-0.8.20060mlcs4.x86_64.rpm
61bb88e15c6236eb927b9a7ad52ec951 corporate/4.0/x86_64/kdegraphics-ksvg-3.5.4-0.8.20060mlcs4.x86_64.rpm
4ceccb045a409a678de85757abbb283f corporate/4.0/x86_64/kdegraphics-kuickshow-3.5.4-0.8.20060mlcs4.x86_64.rpm
27c0e3e413d43ea48630233166c64db8 corporate/4.0/x86_64/kdegraphics-kview-3.5.4-0.8.20060mlcs4.x86_64.rpm
7e71c8ad66d111bb5105c02bc682c985 corporate/4.0/x86_64/kdegraphics-mrmlsearch-3.5.4-0.8.20060mlcs4.x86_64.rpm
f5a8505ac85a3da2763bf7cb60b5b85e corporate/4.0/x86_64/lib64kdegraphics0-common-3.5.4-0.8.20060mlcs4.x86_64.rpm
49ff1b79d5edce7568f6409c8eabccc9 corporate/4.0/x86_64/lib64kdegraphics0-common-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm
85877748738af447e2b2219e782fa988 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-3.5.4-0.8.20060mlcs4.x86_64.rpm
ca0ed072b4f3addead66e64cf174dc42 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm
eeac9394a0ae1371086c7862d706aa2e corporate/4.0/x86_64/lib64kdegraphics0-kooka-3.5.4-0.8.20060mlcs4.x86_64.rpm
84769df4de641bc615c77e971e727403 corporate/4.0/x86_64/lib64kdegraphics0-kooka-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm
52a3ce24202e480803514108e23e5244 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-3.5.4-0.8.20060mlcs4.x86_64.rpm
9254908e6d0f094aab5aa8433beef77a corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm
5aae3dfccff23539d4ec103d783a729d corporate/4.0/x86_64/lib64kdegraphics0-ksvg-3.5.4-0.8.20060mlcs4.x86_64.rpm
82bc88d91af010a7c1c99d8c6ac2ca17 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm
47a591ec73214a9ca4a8a3e6cb71df46 corporate/4.0/x86_64/lib64kdegraphics0-kview-3.5.4-0.8.20060mlcs4.x86_64.rpm
81cb62a332322f2256fc8b425add3cff corporate/4.0/x86_64/lib64kdegraphics0-kview-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm
2fcf66b36cc00bf5312e8672358a77f2 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.8.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIqwY7mqjQ0CJFipgRAqUOAKCd62Jf/MyXsVBCL585A+EvkplhtACgnTck
m6L0UtTi6j93EYp+XKswP8U=
=bQn5
-----END PGP SIGNATURE-----