Detalji

U programskom paketu Evince, jednostavnom pregledniku dokumenata u PDF, PostScript, djvu i DVI formatu, otkriveno je nekoliko ranjivosti. Sve nepravilnosti se javljaju u analizatorima fontova, a očituju se kao pogreška u indeksiranju, preljev međuspremnika ili cjelobrojno prepisivanje. Podmetanjem posebno oblikovane dvi datoteke udaljeni napadač ima mogućnost izvođenja DoS (eng. Denial of Service) napada i pokretanja proizvoljnog programskog koda. Korisnicima se savjetuje prelazak na najnoviju inačicu navedenog paketa.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:005
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : evince
 Date    : January 13, 2011
 Affected: 2010.0, 2010.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in evince:
 
 Array index error in the PK and VF font parser in the dvi-backend
 component in Evince 2.32 and earlier allows remote attackers to
 cause a denial of service (application crash) or possibly execute
 arbitrary code via a crafted font in conjunction with a DVI file that
 is processed by the thumbnailer (CVE-2010-2640, CVE-2010-2641).
 
 Heap-based buffer overflow in the AFM font parser in the dvi-backend
 component in Evince 2.32 and earlier allows remote attackers to
 cause a denial of service (application crash) or possibly execute
 arbitrary code via a crafted font in conjunction with a DVI file that
 is processed by the thumbnailer (CVE-2010-2642).
 
 Integer overflow in the TFM font parser in the dvi-backend component in
 Evince 2.32 and earlier allows remote attackers to execute arbitrary
 code via a crafted font in conjunction with a DVI file that is
 processed by the thumbnailer (CVE-2010-2643).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 e079913edf4d4f3073865b7d49fe799e 
2010.0/i586/evince-2.28.1-1.1mdv2010.0.i586.rpm
 799a7a19999cca73b787ea557fabe48b 
2010.0/i586/libevince1-2.28.1-1.1mdv2010.0.i586.rpm
 9da45de2f8808622d87310139ab0cd57 
2010.0/i586/libevince-devel-2.28.1-1.1mdv2010.0.i586.rpm 
 8cf3fc28bc224cb6d798986b83ff214b 
2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 7f547bd0f819bb294155a77992dc3867 
2010.0/x86_64/evince-2.28.1-1.1mdv2010.0.x86_64.rpm
 b49ee796665b1f3690aa8604f398da6f 
2010.0/x86_64/lib64evince1-2.28.1-1.1mdv2010.0.x86_64.rpm
 2d4d32da719f789cab879b3a057c31e8 
2010.0/x86_64/lib64evince-devel-2.28.1-1.1mdv2010.0.x86_64.rpm 
 8cf3fc28bc224cb6d798986b83ff214b 
2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 89ccc35a168dc271615257ca3b9dc15b 
2010.1/i586/evince-2.30.3-1.1mdv2010.2.i586.rpm
 680a161ca4937b9624d76313f66ece67 
2010.1/i586/libevince2-2.30.3-1.1mdv2010.2.i586.rpm
 5f2992bce84180aa51ff1b7a6ceb8ff1 
2010.1/i586/libevince-devel-2.30.3-1.1mdv2010.2.i586.rpm 
 1c0b1ce4cb6374b5d83f620669e2ff7f 
2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 92b2edf7ebcbc5562b3664d328cfbb84 
2010.1/x86_64/evince-2.30.3-1.1mdv2010.2.x86_64.rpm
 258d61dca83a88e6a4560e0793ebc35f 
2010.1/x86_64/lib64evince2-2.30.3-1.1mdv2010.2.x86_64.rpm
 04afd91e85be6701d28e0b1164e7e41f 
2010.1/x86_64/lib64evince-devel-2.30.3-1.1mdv2010.2.x86_64.rpm 
 1c0b1ce4cb6374b5d83f620669e2ff7f 
2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

 Mandriva Enterprise Server 5:
 c5187d89da4344a18e4b757f51946671 
mes5/i586/evince-2.24.0-2.2mdvmes5.1.i586.rpm
 5a81c37bff705aa4b7b9cb8e96a4cbb2 
mes5/i586/libevince0-2.24.0-2.2mdvmes5.1.i586.rpm
 9e1c0400a275f99fa3a1350b4328e84e 
mes5/i586/libevince-devel-2.24.0-2.2mdvmes5.1.i586.rpm 
 d4ac7e1574b982ec49d34cfb61026c77 
mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 8f672ce32264b8ca99f5540972a3a7f8 
mes5/x86_64/evince-2.24.0-2.2mdvmes5.1.x86_64.rpm
 0882e7a97b30c1ecf1ebf7c1dd1bb191 
mes5/x86_64/lib64evince0-2.24.0-2.2mdvmes5.1.x86_64.rpm
 9bce986a11c112a50911390d965be0c9 
mes5/x86_64/lib64evince-devel-2.24.0-2.2mdvmes5.1.x86_64.rpm 
 d4ac7e1574b982ec49d34cfb61026c77 
mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNLuyrmqjQ0CJFipgRAi8kAKC7zVrpdQxiuU7w+oVNpNi2l8gAzACfQ14D
YAUn/R+xAZUWOs8ScQUXjXI=
=C2wo
-----END PGP SIGNATURE-----

Idi na vrh