Description of problem: dviljk contains multiple buffer overflow conditions that can be triggered by a DVI input file. This could possibly result in arbitrary code execution in case user was tricked into print a specially crafted DVI file. Additional info: See URL filed for Gentoo report. The attachment #249481 [details] fixes this bug together with bug #368611 It will most likely need some mungling as whitespace changes make the fixes less obvious.
The CVE identifier for this issue was requested.
(In reply to comment #0) > It will most likely need some mungling as whitespace changes make the fixes less > obvious. Cleaned up patch for texlive is here. Except for the autotools stuff and ChangeLog, it should apply to tetex. http://bugs.gentoo.org/attachment.cgi?id=135423
Pinged Mitre about the need for CVE.
Fixed in rawhide. F8, F7, FC-6 pending.
tetex-3.0-44.2.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update tetex'
tetex-3.0-40.3.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update tetex'
tetex-3.0-40.3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
tetex-3.0-44.3.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Reporter changed to security-response-team by request of Jay Turner.
Statement: Not vulnerable. This issue did not affect the versions of tetex packages as shipped with Red Hat Enterprise Linux 3, 4, or 5, as they do not provide dviljk binary.