LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: t1lib vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that t1lib does not properly perform bounds checking which can result in a buffer overflow vulnerability. An attacker could send specially crafted input to applications linked against t1lib which could result in a DoS or arbitrary code execution.
=========================================================== 
Ubuntu Security Notice USN-515-1         September 19, 2007
t1lib vulnerability
CVE-2007-4033
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libt1-5                         5.1.0-2ubuntu0.6.06.1

Ubuntu 6.10:
  libt1-5                         5.1.0-2ubuntu0.6.10.1

Ubuntu 7.04:
  libt1-5                         5.1.0-2ubuntu0.7.04.1

In general, a standard system upgrade is sufficient to affect the
necessary changes.

Details follow:

It was discovered that t1lib does not properly perform bounds checking
which can result in a buffer overflow vulnerability.  An attacker could
send specially crafted input to applications linked against t1lib which
could result in a DoS or arbitrary code execution.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0-2ubuntu0.6.06.1.diff.gz
      Size/MD5:    13706 d9ce103e87af790c5225b09bb03d7385
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0-2ubuntu0.6.06.1.dsc
      Size/MD5:      730 8de933312806448123594efa12bf5cc6
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0.orig.tar.gz
      Size/MD5:  1838635 a05bed4aa63637052e60690ccde70421

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-doc_5.1.0-2ubuntu0.6.06.1_all.deb
      Size/MD5:   608928 07320bc9fab519b6cd8dbcd319b09d41

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.06.1_amd64.deb
      Size/MD5:   161724 ca9c66df61dae2f76375742d2530503f
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.06.1_amd64.deb
      Size/MD5:   192954 cda5eca98bc7464350edb7d17ff3f279
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.06.1_amd64.deb
      Size/MD5:    59342 29ccd99dd546473f7fcc07f27f908606

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.06.1_i386.deb
      Size/MD5:   140408 0ec3be1685e83742033c0900a1b64a01
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.06.1_i386.deb
      Size/MD5:   165518 1a55f8734bbdc58151d9b4b17f46dfbe
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.06.1_i386.deb
      Size/MD5:    53286 8e2c1031785c1a13190c6802a45ba063

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.06.1_powerpc.deb
      Size/MD5:   156412 53a5770038a14407944a86550e0a2fd2
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.06.1_powerpc.deb
      Size/MD5:   205980 8c2a48d82f12e8f7ec571854fcca3017
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.06.1_powerpc.deb
      Size/MD5:    54134 d78df8d6e9cdd9f3121386eb31dc3a1f

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.06.1_sparc.deb
      Size/MD5:   152790 314234020da17d3e68fa69c38e0eb38b
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.06.1_sparc.deb
      Size/MD5:   190472 d69c5aa2d085380b27da2ac72abacf66
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.06.1_sparc.deb
      Size/MD5:    55842 8610e26e19137d02180f7815576581b7

Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0-2ubuntu0.6.10.1.diff.gz
      Size/MD5:    13722 e6ab67a2a5bc7117870b14c1f4bb3369
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0-2ubuntu0.6.10.1.dsc
      Size/MD5:      730 bc5cb1797c225c7c916acae84de33b48
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0.orig.tar.gz
      Size/MD5:  1838635 a05bed4aa63637052e60690ccde70421

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-doc_5.1.0-2ubuntu0.6.10.1_all.deb
      Size/MD5:   608968 ef34d3b6c3c59710c19bc7e6641a2c20

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.10.1_amd64.deb
      Size/MD5:   159858 e603e28bd73fcff74a451eb6b57ff0bb
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.10.1_amd64.deb
      Size/MD5:   191042 2f1a62881dd960e18ff39768f244f9d2
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.10.1_amd64.deb
      Size/MD5:    59230 4f1f7d130d602c57e562ebb35d239b21

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.10.1_i386.deb
      Size/MD5:   144432 fb141c326b3123ea65aa854fc7665866
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.10.1_i386.deb
      Size/MD5:   169758 19f31c36af6bdfba26e1208c39fc66c8
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.10.1_i386.deb
      Size/MD5:    53190 7b303362b227c0371af4b026c7148572

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.10.1_powerpc.deb
      Size/MD5:   156066 80e45861de1bc2406b45c30c23bc3033
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.10.1_powerpc.deb
      Size/MD5:   205860 b48b7054189d15e4777b67799f2fa2e8
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.10.1_powerpc.deb
      Size/MD5:    55120 82e6be926434ebd0b98aa4241aa96c77

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.6.10.1_sparc.deb
      Size/MD5:   153334 6765c87f8cfe73b6aab375d1a919ca1b
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.6.10.1_sparc.deb
      Size/MD5:   191080 b0b298207b519b2f7a183255471f6906
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.6.10.1_sparc.deb
      Size/MD5:    55598 236347f949366e2c9a53bb875328b369

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0-2ubuntu0.7.04.1.diff.gz
      Size/MD5:    13778 2d18ded62941fe63cf07cea11b94c473
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0-2ubuntu0.7.04.1.dsc
      Size/MD5:      814 5f6115c702fc0f4cbc2921dd634d52b1
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0.orig.tar.gz
      Size/MD5:  1838635 a05bed4aa63637052e60690ccde70421

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-doc_5.1.0-2ubuntu0.7.04.1_all.deb
      Size/MD5:   609006 c1b94d42f80cf0872c16803f35708e66

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.7.04.1_amd64.deb
      Size/MD5:   162000 93299291d55d1d766c56d39b4b0798cb
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.7.04.1_amd64.deb
      Size/MD5:   191176 6ec71612dc9565b434ed22db4ae05abe
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.7.04.1_amd64.deb
      Size/MD5:    60170 a812326450f93a0163919726f7e02a15

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.7.04.1_i386.deb
      Size/MD5:   146962 257494ee2f5eaa3a4e26c3421c330746
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.7.04.1_i386.deb
      Size/MD5:   169794 048e0b6a507071578ab91b19208ca38c
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.7.04.1_i386.deb
      Size/MD5:    54696 819cb56786b7556a1d8a561fbd88a6ef

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.7.04.1_powerpc.deb
      Size/MD5:   162466 ef11b5d8956475e4bc79faec7bac4607
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.7.04.1_powerpc.deb
      Size/MD5:   205674 b1d0b8c09f86721d81363f0c560efb83
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.7.04.1_powerpc.deb
      Size/MD5:    58292 1fabfed321d1d7b732aed3b5fcc0a501

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-5_5.1.0-2ubuntu0.7.04.1_sparc.deb
      Size/MD5:   155778 7f916ff82c6d05c995a4ce76d130703f
    http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/libt1-dev_5.1.0-2ubuntu0.7.04.1_sparc.deb
      Size/MD5:   191048 517dbfb86bf112e634c2681591ed1628
    http://security.ubuntu.com/ubuntu/pool/universe/t/t1lib/t1lib-bin_5.1.0-2ubuntu0.7.04.1_sparc.deb
      Size/MD5:    57492 542e025fa07660a20d322681a61de387


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Four fake Google haxbots hit YOUR WEBSITE every day
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'
What I Learned from Edward Snowden at the Hacker Conference
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.