Bug 175404
| Summary: | CAN-2005-3191,3192,3193,3624,3625,3626,3627,3628,CAN-2006-0301 XPDF various issues | ||
|---|---|---|---|
| Product: | [Retired] Fedora Legacy | Reporter: | John Dalbec <jpdalbec> |
| Component: | xpdf | Assignee: | Fedora Legacy Bugs <bugs> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | deisenst, pekkas |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| URL: | http://www.securityfocus.com/bid/15727 | ||
| Whiteboard: | LEGACY, rh73, rh90, 1, 2, 3 | ||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-03-17 00:49:42 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
John Dalbec
2005-12-09 20:47:25 UTC
05.49.19 CVE: CAN-2005-3193 Platform: Cross Platform Title: XPDF Remote Heap Buffer Overflow Description: XPDF is an open source PDF viewer. It is vulnerable to a remote buffer overflow issue due to insufficient boundary check with the "JPXStream::readCodestream" function. XPDF versions 3.01 and earlier are vulnerable. Ref: http://rhn.redhat.com/errata/RHSA-2005-840.html 05.49.20 CVE: CAN-2005-3192 Platform: Cross Platform Title: XPDF StreamPredictor Remote Heap Buffer Overflow Description: XPDF is an open source PDF viewer. It is reported prone to a remote buffer overflow vulnerability due to improper boundary checks before copying user-supplied data into process buffers. It is reported that this issue presents itself in the "StreamPredictor::StreamPredictor" function residing in the "xpdf/Stream.cc" file. This issue is reported to affect XPDF versions 3.01-pl3 and earlier. Ref: http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities On 12/20/2005, Red Hat (re)issued advisory RHSA-2005:840 for this issue. http://rhn.redhat.com/errata/RHSA-2005-840.html "This update has been rated as having important security impact by the Red Hat Security Response Team." According to Josh Bressers in Bug #173888, these issues affect xpdf, kdegraphics, cups, gpdf, tetex and poppler. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here are updated xpdf packages to QA. rh7.3: CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628 rh9: CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628 fc1: CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628 fc2: CVE-2005-2097, CVE-2005-3191, CVE-2005-3192, CVE-2005-3193 CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627 CVE-2005-3628, CVE-2006-0301 fc3: CVE-2006-0301 9da32c36e4a6cb0ef5bc97ae330a4b4fd0267963 7.3/xpdf-1.00-7.5.legacy.src.rpm 84d8c49c3d2178da51f7c5da330dae399a910a6b 9/xpdf-2.01-11.4.legacy.src.rpm b8b923254760db567ff247a6c684c261dcf5b6d2 1/xpdf-2.03-1.4.legacy.src.rpm 1b7f801dd81ddd434af622cb39a730bc39262fda 2/xpdf-3.00-3.8.1.legacy.src.rpm 0dc50026b2dfec8e9dace0ef127fca23af707f64 3/xpdf-3.01-0.FC3.5.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/7.3/xpdf-1.00-7.5.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/9/xpdf-2.01-11.4.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/1/xpdf-2.03-1.4.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/2/xpdf-3.00-3.8.1.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/3/xpdf-3.01-0.FC3.5.legacy.src.rpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (GNU/Linux) iD8DBQFD+JnZLMAs/0C4zNoRAgjvAKCZr/Z796yoFakDlLaVrz44aMrANwCeP7EG Ju5ueZGrMjrcRcC22YLQokQ= =AY9r -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QA w/ rpm-build-compare.sh: - source integrity good - spec file changes minimal - patches verified to come from upstream or be with minor mods. One spotted issue: was there a reason why the earlier patch was not bumped to -135393.patch in RHL73? +PUBLISH RHL9, FC1, FC2, FC3 9da32c36e4a6cb0ef5bc97ae330a4b4fd0267963 xpdf-1.00-7.5.legacy.src.rpm 84d8c49c3d2178da51f7c5da330dae399a910a6b xpdf-2.01-11.4.legacy.src.rpm b8b923254760db567ff247a6c684c261dcf5b6d2 xpdf-2.03-1.4.legacy.src.rpm 1b7f801dd81ddd434af622cb39a730bc39262fda xpdf-3.00-3.8.1.legacy.src.rpm 0dc50026b2dfec8e9dace0ef127fca23af707f64 xpdf-3.01-0.FC3.5.legacy.src.rpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFD+V3zGHbTkzxSL7QRAiZwAJ4iYfybeNoqgYchuBgWNZtj1DA00ACcDUeA d+RyT3a0guGaynDglKXUj/4= =QNQq -----END PGP SIGNATURE----- in rh7.3, the code is different, and the earlier patch for 7.3 looks like it covers the issues as well as the 135393 patch does. The other ones had incomplete patches that I replaced with 135393. I noticed that RHEL 2.1 has adapted the 135393 patch though? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You're right Pekka, thanks. For some reason, I didn't think rhel21 had xpdf. Here are updated packages for rh7.3. The xpdf-0.92 patch from rhel21 was incomplete for xpdf-1.00, so I added the missing section in. 95a0e6b4ce12d14d02bb684f9869f006520bd9c9 7.3/xpdf-1.00-7.6.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/7.3/xpdf-1.00-7.6.legacy.src.rpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (GNU/Linux) iD8DBQFD+loZLMAs/0C4zNoRAjAVAKC70s05zLfpIxQSoz7CLFDkk9ZSmQCgr7w2 eMFIjxNTI87jI1EOnLUG0pQ= =wvdY -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
QA w/ rpm-build-compare.sh:
- source integrity good
- spec file changes minimal
- patch mostly like RHEL21, with the one added segment which seems OK
+PUBLISH RHL73
95a0e6b4ce12d14d02bb684f9869f006520bd9c9 xpdf-1.00-7.6.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFD+rceGHbTkzxSL7QRAnJWAJ9W+fj3RW51RhXh2e4MQe7JuNopzwCgpGEz
MvfORN0f2VL95sCF0Xy06TQ=
=0hKY
-----END PGP SIGNATURE-----
Packages were released to updates-testing -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QA for RHL9. Signatures OK, upgrades OK. Opened a couple of PDF's fine. +VERIFY RHL9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFEBVDvGHbTkzxSL7QRAvTCAJ4/fuYgJS953ZrCVi5uldRFVnIlOwCgmDk4 tVCDe48yRK8cqWL5iiDwJ90= =EndE -----END PGP SIGNATURE----- Btw, I also did rpm-build-compare.sh on the binary compared to the original Red Hat version (xpdf-2.01-8.i386.rpm), and I noticed that our version is also linking against libfreetype.so.6. I don't know at which point this has come in, or whether it's intentional, but I don't think it hurts in any case.. Timeout over.. Packages were pushed to updates. |