LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2012:004: t1lib Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Multiple vulnerabilities has been found and corrected in t1lib: A heap-based buffer overflow flaw was found in the way AFM font file parser, used for rendering of DVI files, in GNOME evince document viewer and other products, processed line tokens from the given input [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2012:004
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : t1lib
 Date    : January 12, 2012
 Affected: 2010.1, 2011., Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in t1lib:
 
 A heap-based buffer overflow flaw was found in the way AFM font file
 parser, used for rendering of DVI files, in GNOME evince document
 viewer and other products, processed line tokens from the given input
 stream. A remote attacker could provide a DVI file, with embedded
 specially-crafted font file, and trick the local user to open it with
 an application using the AFM font parser, leading to that particular
 application crash or, potentially, arbitrary code execution with the
 privileges of the user running the application. Different vulnerability
 than CVE-2010-2642 (CVE-2011-0433).
 
 t1lib 5.1.2 and earlier reads from invalid memory locations, which
 allows remote attackers to cause a denial of service (application
 crash) via a crafted Type 1 font in a PDF document, a different
 vulnerability than CVE-2011-0764 (CVE-2011-1552).
 
 Use-after-free vulnerability in t1lib 5.1.2 and earlier allows
 remote attackers to cause a denial of service (application crash)
 via a PDF document containing a crafted Type 1 font that triggers an
 invalid memory write, a different vulnerability than CVE-2011-0764
 (CVE-2011-1553).
 
 Off-by-one error in t1lib 5.1.2 and earlier allows remote attackers
 to cause a denial of service (application crash) via a PDF document
 containing a crafted Type 1 font that triggers an invalid memory
 read, integer overflow, and invalid pointer dereference, a different
 vulnerability than CVE-2011-0764 (CVE-2011-1554).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0433
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554
 https://bugzilla.redhat.com/show_bug.cgi?id=679732
 http://www.toucan-system.com/advisories/tssa-2011-01.txt
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 906e9b289b52af0b8cd8876cea5a662a  2010.1/i586/libt1lib5-5.1.2-8.3mdv2010.2.i586.rpm
 7e2588f8d40dde88a76762c655561cd4  2010.1/i586/libt1lib-devel-5.1.2-8.3mdv2010.2.i586.rpm
 3f52b411430b7c121f3f5c3e6208fa35  2010.1/i586/libt1lib-static-devel-5.1.2-8.3mdv2010.2.i586.rpm
 0819703d1a566dbb89ef2a20aac7eab3  2010.1/i586/t1lib-config-5.1.2-8.3mdv2010.2.i586.rpm
 0a27570fe99a3c8b0060658e80fa31a9  2010.1/i586/t1lib-progs-5.1.2-8.3mdv2010.2.i586.rpm 
 1330f9cde66d30a4e0b6adfea3ed627c  2010.1/SRPMS/t1lib-5.1.2-8.3mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 4a750fd24b6023d30a40b86146c7c3cf  2010.1/x86_64/lib64t1lib5-5.1.2-8.3mdv2010.2.x86_64.rpm
 33d849053852d299235845f5d6f89d31  2010.1/x86_64/lib64t1lib-devel-5.1.2-8.3mdv2010.2.x86_64.rpm
 49c35baf2d21c037d3c418970d76f7fc  2010.1/x86_64/lib64t1lib-static-devel-5.1.2-8.3mdv2010.2.x86_64.rpm
 289fd06ba3966e353e0ddee95f9d482f  2010.1/x86_64/t1lib-config-5.1.2-8.3mdv2010.2.x86_64.rpm
 df7434fc99f8ddabe69dfb094e37f807  2010.1/x86_64/t1lib-progs-5.1.2-8.3mdv2010.2.x86_64.rpm 
 1330f9cde66d30a4e0b6adfea3ed627c  2010.1/SRPMS/t1lib-5.1.2-8.3mdv2010.2.src.rpm

 Mandriva Linux 2011:
 4f34e6057ce31346d38e9fc9001d61c2  2011/i586/libt1lib5-5.1.2-11.2-mdv2011.0.i586.rpm
 77aa1a06d09601db56f3fc05bf9faa7e  2011/i586/libt1lib-devel-5.1.2-11.2-mdv2011.0.i586.rpm
 222228ade6add3fd7125ed8bb36d27da  2011/i586/libt1lib-static-devel-5.1.2-11.2-mdv2011.0.i586.rpm
 9b7b97c247969ee2d19168b8292e2421  2011/i586/t1lib-config-5.1.2-11.2-mdv2011.0.i586.rpm
 ed73e55ca60889ce0b2be65d963c08ce  2011/i586/t1lib-progs-5.1.2-11.2-mdv2011.0.i586.rpm 
 94fd5bc64f8e01f1687b5c58c99c5b35  2011/SRPMS/t1lib-5.1.2-11.2.src.rpm

 Mandriva Linux 2011/X86_64:
 d670c2d035cabd66078503e9fb975919  2011/x86_64/lib64t1lib5-5.1.2-11.2-mdv2011.0.x86_64.rpm
 173579a5a2e2be525e6f0f18216a15d8  2011/x86_64/lib64t1lib-devel-5.1.2-11.2-mdv2011.0.x86_64.rpm
 7c591e3e11d340923fbb3c5285fc9365  2011/x86_64/lib64t1lib-static-devel-5.1.2-11.2-mdv2011.0.x86_64.rpm
 b3d85f999794d5ced9dda7e1ebd44bd0  2011/x86_64/t1lib-config-5.1.2-11.2-mdv2011.0.x86_64.rpm
 430daefeed13b85e4df03de1e2ba6b73  2011/x86_64/t1lib-progs-5.1.2-11.2-mdv2011.0.x86_64.rpm 
 94fd5bc64f8e01f1687b5c58c99c5b35  2011/SRPMS/t1lib-5.1.2-11.2.src.rpm

 Mandriva Enterprise Server 5:
 617329fd6d27f015da5063d4122d7414  mes5/i586/libt1lib5-5.1.2-4.3mdvmes5.2.i586.rpm
 cd261ce6f85f3830c90145637e8189b3  mes5/i586/libt1lib-devel-5.1.2-4.3mdvmes5.2.i586.rpm
 d544329a165b971a0aea3fce24dd2084  mes5/i586/libt1lib-static-devel-5.1.2-4.3mdvmes5.2.i586.rpm
 3f287590d1eeeec0758fc9b41b814b80  mes5/i586/t1lib-config-5.1.2-4.3mdvmes5.2.i586.rpm
 ae2a57893d1daa1b21c798181d87e8c0  mes5/i586/t1lib-progs-5.1.2-4.3mdvmes5.2.i586.rpm 
 00d9c9fe6fdea354b2ae5829ad69186d  mes5/SRPMS/t1lib-5.1.2-4.3mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 a5834c68430fa0983aa5f86eb30d548d  mes5/x86_64/lib64t1lib5-5.1.2-4.3mdvmes5.2.x86_64.rpm
 de4489f06460799dd96a16c59961a7d7  mes5/x86_64/lib64t1lib-devel-5.1.2-4.3mdvmes5.2.x86_64.rpm
 6ee693bfba9b31dacb6d63e3be6a7278  mes5/x86_64/lib64t1lib-static-devel-5.1.2-4.3mdvmes5.2.x86_64.rpm
 5b653b672c557f8ac0b24f7d9bacc182  mes5/x86_64/t1lib-config-5.1.2-4.3mdvmes5.2.x86_64.rpm
 405cb3191a475b026d146782c3c236fb  mes5/x86_64/t1lib-progs-5.1.2-4.3mdvmes5.2.x86_64.rpm 
 00d9c9fe6fdea354b2ae5829ad69186d  mes5/SRPMS/t1lib-5.1.2-4.3mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Encryption goof fixed in TorrentLocker file-locking malware
Qubes: The Open Source OS Built for Security
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.