Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[Security Announce] [ MDVSA-2008:173 ] kdegraphics

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

This is a multi-part message in MIME format...

 

------------=_1219178737-11275-8288

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2008:173

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : kdegraphics

Date : August 19, 2008

Affected: Corporate 4.0

_______________________________________________________________________

 

Problem Description:

 

Kees Cook of Ubuntu security found a flaw in how poppler prior

to version 0.6 displayed malformed fonts embedded in PDF files.

An attacker could create a malicious PDF file that would cause

applications using poppler to crash, or possibly execute arbitrary

code when opened (CVE-2008-1693).

 

This vulnerability also affected older versions of kpdf, so the

updated packages have been patched to correct this issue.

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693

_______________________________________________________________________

 

Updated Packages:

 

Corporate 4.0:

c48c75be77960fbb394a2b1eeac6b181 corporate/4.0/i586/kdegraphics-3.5.4-0.8.20060mlcs4.i586.rpm

7ed79b015abce818dfec06dfba1c1380 corporate/4.0/i586/kdegraphics-common-3.5.4-0.8.20060mlcs4.i586.rpm

544e0b41ae1e8a30ad8df50a078558a1 corporate/4.0/i586/kdegraphics-kcolorchooser-3.5.4-0.8.20060mlcs4.i586.rpm

d2a9273cf9651705a5bb535a90d0136c corporate/4.0/i586/kdegraphics-kcoloredit-3.5.4-0.8.20060mlcs4.i586.rpm

766e1accbc92ae47315f36c49e033fe1 corporate/4.0/i586/kdegraphics-kdvi-3.5.4-0.8.20060mlcs4.i586.rpm

028c82916bebdeaa72eef92de8e8915b corporate/4.0/i586/kdegraphics-kfax-3.5.4-0.8.20060mlcs4.i586.rpm

5086b22bd13361fa5dbb98b58cca326b corporate/4.0/i586/kdegraphics-kghostview-3.5.4-0.8.20060mlcs4.i586.rpm

d2fc10f6a3692faefbd18b930ca6e8bb corporate/4.0/i586/kdegraphics-kiconedit-3.5.4-0.8.20060mlcs4.i586.rpm

b3999a4d4a09ac4287d4367739b65a4e corporate/4.0/i586/kdegraphics-kolourpaint-3.5.4-0.8.20060mlcs4.i586.rpm

f340936657f82cb8cb4f9be24eb0e0b1 corporate/4.0/i586/kdegraphics-kooka-3.5.4-0.8.20060mlcs4.i586.rpm

b284b87bbb08ee0c71a0274cbaaee22a corporate/4.0/i586/kdegraphics-kpdf-3.5.4-0.8.20060mlcs4.i586.rpm

2d8bae2c857ffed30979aeb2b7825698 corporate/4.0/i586/kdegraphics-kpovmodeler-3.5.4-0.8.20060mlcs4.i586.rpm

01f71322cb69831c2d85efd7c183221a corporate/4.0/i586/kdegraphics-kruler-3.5.4-0.8.20060mlcs4.i586.rpm

000750beeb8845c1ad83c737f43e2a7e corporate/4.0/i586/kdegraphics-ksnapshot-3.5.4-0.8.20060mlcs4.i586.rpm

5129a71c61bc26bc0b840cbe1f73a4fc corporate/4.0/i586/kdegraphics-ksvg-3.5.4-0.8.20060mlcs4.i586.rpm

af856c22dfa63a9e23374053a34b8acf corporate/4.0/i586/kdegraphics-kuickshow-3.5.4-0.8.20060mlcs4.i586.rpm

4008e583c8019451a0683b30e8edb011 corporate/4.0/i586/kdegraphics-kview-3.5.4-0.8.20060mlcs4.i586.rpm

97ae6b724e5f20dbda7e0a5e5624431a corporate/4.0/i586/kdegraphics-mrmlsearch-3.5.4-0.8.20060mlcs4.i586.rpm

6a6f33b0f940d78191be569dd414d67c corporate/4.0/i586/libkdegraphics0-common-3.5.4-0.8.20060mlcs4.i586.rpm

d212fda5331980b961d73d0c442ae628 corporate/4.0/i586/libkdegraphics0-common-devel-3.5.4-0.8.20060mlcs4.i586.rpm

b1d802051c290726d17dc9b643358324 corporate/4.0/i586/libkdegraphics0-kghostview-3.5.4-0.8.20060mlcs4.i586.rpm

d4c80288ea40e92742ac28ed99ce76c4 corporate/4.0/i586/libkdegraphics0-kghostview-devel-3.5.4-0.8.20060mlcs4.i586.rpm

c61d07979ea8a97200972581b4d41702 corporate/4.0/i586/libkdegraphics0-kooka-3.5.4-0.8.20060mlcs4.i586.rpm

0c7b3a2769ec6557dc08eb9575b97e57 corporate/4.0/i586/libkdegraphics0-kooka-devel-3.5.4-0.8.20060mlcs4.i586.rpm

af9abfc2e1c4e685155dc3f4eb33a2eb corporate/4.0/i586/libkdegraphics0-kpovmodeler-3.5.4-0.8.20060mlcs4.i586.rpm

98eff5d1ee0e0614bdc6a7a6bff56a1e corporate/4.0/i586/libkdegraphics0-kpovmodeler-devel-3.5.4-0.8.20060mlcs4.i586.rpm

b015cedc70056a8603f2b0ff0d67ad5b corporate/4.0/i586/libkdegraphics0-ksvg-3.5.4-0.8.20060mlcs4.i586.rpm

faaf4b28dd162997cd8f5c805ff99720 corporate/4.0/i586/libkdegraphics0-ksvg-devel-3.5.4-0.8.20060mlcs4.i586.rpm

3daea8370340ca1f94f08246c1c0d5f0 corporate/4.0/i586/libkdegraphics0-kview-3.5.4-0.8.20060mlcs4.i586.rpm

aaf91d76d1a39400da63bc0fa6e4529b corporate/4.0/i586/libkdegraphics0-kview-devel-3.5.4-0.8.20060mlcs4.i586.rpm

2fcf66b36cc00bf5312e8672358a77f2 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.8.20060mlcs4.src.rpm

 

Corporate 4.0/X86_64:

45b1d1842cde5de28b039ea27b583258 corporate/4.0/x86_64/kdegraphics-3.5.4-0.8.20060mlcs4.x86_64.rpm

f8854845e1ec41724dd692c862ea5f2d corporate/4.0/x86_64/kdegraphics-common-3.5.4-0.8.20060mlcs4.x86_64.rpm

2053e876eb098bfd3e66335d1559dee0 corporate/4.0/x86_64/kdegraphics-kcolorchooser-3.5.4-0.8.20060mlcs4.x86_64.rpm

0ca9ea1f23a425faf11a34aa68278fae corporate/4.0/x86_64/kdegraphics-kcoloredit-3.5.4-0.8.20060mlcs4.x86_64.rpm

d0b3bfab1c6e06d3b280775ccb0148c4 corporate/4.0/x86_64/kdegraphics-kdvi-3.5.4-0.8.20060mlcs4.x86_64.rpm

de102515cd82fbb2d1a982276954a90b corporate/4.0/x86_64/kdegraphics-kfax-3.5.4-0.8.20060mlcs4.x86_64.rpm

2ab24fdd2bb4baab401adb33f0679937 corporate/4.0/x86_64/kdegraphics-kghostview-3.5.4-0.8.20060mlcs4.x86_64.rpm

ebb3e79e1dafdd462774b796963dbf44 corporate/4.0/x86_64/kdegraphics-kiconedit-3.5.4-0.8.20060mlcs4.x86_64.rpm

0ed728bf9dacf3bd74a60454474a14f0 corporate/4.0/x86_64/kdegraphics-kolourpaint-3.5.4-0.8.20060mlcs4.x86_64.rpm

518e3d032f68554987e927d13eda143c corporate/4.0/x86_64/kdegraphics-kooka-3.5.4-0.8.20060mlcs4.x86_64.rpm

31e391645ccac68d5845238b5b19f5bf corporate/4.0/x86_64/kdegraphics-kpdf-3.5.4-0.8.20060mlcs4.x86_64.rpm

dc8b45093d330089a51c5379f88eca27 corporate/4.0/x86_64/kdegraphics-kpovmodeler-3.5.4-0.8.20060mlcs4.x86_64.rpm

301db4e99da585e2ffd70c221fac1ceb corporate/4.0/x86_64/kdegraphics-kruler-3.5.4-0.8.20060mlcs4.x86_64.rpm

0d0cf2122a0f2024253fada72c249ce5 corporate/4.0/x86_64/kdegraphics-ksnapshot-3.5.4-0.8.20060mlcs4.x86_64.rpm

61bb88e15c6236eb927b9a7ad52ec951 corporate/4.0/x86_64/kdegraphics-ksvg-3.5.4-0.8.20060mlcs4.x86_64.rpm

4ceccb045a409a678de85757abbb283f corporate/4.0/x86_64/kdegraphics-kuickshow-3.5.4-0.8.20060mlcs4.x86_64.rpm

27c0e3e413d43ea48630233166c64db8 corporate/4.0/x86_64/kdegraphics-kview-3.5.4-0.8.20060mlcs4.x86_64.rpm

7e71c8ad66d111bb5105c02bc682c985 corporate/4.0/x86_64/kdegraphics-mrmlsearch-3.5.4-0.8.20060mlcs4.x86_64.rpm

f5a8505ac85a3da2763bf7cb60b5b85e corporate/4.0/x86_64/lib64kdegraphics0-common-3.5.4-0.8.20060mlcs4.x86_64.rpm

49ff1b79d5edce7568f6409c8eabccc9 corporate/4.0/x86_64/lib64kdegraphics0-common-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm

85877748738af447e2b2219e782fa988 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-3.5.4-0.8.20060mlcs4.x86_64.rpm

ca0ed072b4f3addead66e64cf174dc42 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm

eeac9394a0ae1371086c7862d706aa2e corporate/4.0/x86_64/lib64kdegraphics0-kooka-3.5.4-0.8.20060mlcs4.x86_64.rpm

84769df4de641bc615c77e971e727403 corporate/4.0/x86_64/lib64kdegraphics0-kooka-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm

52a3ce24202e480803514108e23e5244 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-3.5.4-0.8.20060mlcs4.x86_64.rpm

9254908e6d0f094aab5aa8433beef77a corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm

5aae3dfccff23539d4ec103d783a729d corporate/4.0/x86_64/lib64kdegraphics0-ksvg-3.5.4-0.8.20060mlcs4.x86_64.rpm

82bc88d91af010a7c1c99d8c6ac2ca17 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm

47a591ec73214a9ca4a8a3e6cb71df46 corporate/4.0/x86_64/lib64kdegraphics0-kview-3.5.4-0.8.20060mlcs4.x86_64.rpm

81cb62a332322f2256fc8b425add3cff corporate/4.0/x86_64/lib64kdegraphics0-kview-devel-3.5.4-0.8.20060mlcs4.x86_64.rpm

2fcf66b36cc00bf5312e8672358a77f2 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.8.20060mlcs4.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFIqwY7mqjQ0CJFipgRAqUOAKCd62Jf/MyXsVBCL585A+EvkplhtACgnTck

m6L0UtTi6j93EYp+XKswP8U=

=bQn5

-----END PGP SIGNATURE-----

 

 

------------=_1219178737-11275-8288

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1219178737-11275-8288--

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×