Bug#342287: marked as done (kpdf: source taken from xpdf may introduce heap-overflow vulnerabilities)

To: Christopher Martin <chrsmrtn@debian.org>
Cc: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Subject: Bug#342287: marked as done (kpdf: source taken from xpdf may introduce heap-overflow vulnerabilities)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 07 Dec 2005 20:48:02 -0800
Message-id: <[🔎] handler.342287.D342287.113401686423676.ackdone@bugs.debian.org>
In-reply-to: <E1EkDRy-0005nb-LD@spohr.debian.org>
References: <E1EkDRy-0005nb-LD@spohr.debian.org> <200512061942.jB6Jgtg1030096@savona.maths.usyd.edu.au>
Your message dated Wed, 07 Dec 2005 20:32:10 -0800
with message-id <E1EkDRy-0005nb-LD@spohr.debian.org>
and subject line Bug#342287: fixed in kdegraphics 4:3.4.3-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 6 Dec 2005 19:43:00 +0000
>From psz@maths.usyd.edu.au Tue Dec 06 11:43:00 2005
Return-path: <psz@maths.usyd.edu.au>
Received: from talus.maths.usyd.edu.au ([129.78.68.1])
	by spohr.debian.org with esmtp (Exim 4.50)
	id 1EjiiJ-0008LH-Vt
	for submit@bugs.debian.org; Tue, 06 Dec 2005 11:43:00 -0800
Received: from smtpdoor@localhost by talus.maths.usyd.edu.au (8.12.3/8.1)
	id jB6Jgt3x024567 for submit@bugs.debian.org; Wed, 7 Dec 2005 06:42:55 +1100
Received: from savona.maths.usyd.edu.au (psz@savona.maths.usyd.edu.au) [129.78.69.138]
	by siv.maths.usyd.edu.au via smtpdoor V18.6
	id 24566 for submit@bugs.debian.org; Wed, 7 Dec 2005 06:42:55 +1100
Message-Id: <200512061942.jB6Jgtg1030096@savona.maths.usyd.edu.au>
Received: from psz@localhost by savona.maths.usyd.edu.au (8.13.4/8.3/Submit)
	id jB6Jgtg1030096; Wed, 7 Dec 2005 06:42:55 +1100
X-Authentication-Warning: savona.maths.usyd.edu.au: psz set sender to psz@maths.usyd.edu.au using -f
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Paul Szabo <psz@maths.usyd.edu.au>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: xpdf-reader: security issues by iDefense
X-Mailer: reportbug 3.8
Date: Wed, 07 Dec 2005 06:42:55 +1100
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-7.3 required=4.0 tests=BAYES_00,HAS_PACKAGE,
	MSGID_FROM_MTA_HEADER autolearn=no 
	version=2.60-bugs.debian.org_2005_01_02

Package: xpdf-reader
Version: 3.00-13
Severity: critical
Justification: causes serious data loss



Arbitrary code execution (with privileges as user of package) issues
reported by iDefense:

  Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability
  Multiple Vendor xpdf DCTStream Progressive Heap Overflow
  Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability
  Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability

  http://www.idefense.com/application/poi/display?id=342
  http://www.idefense.com/application/poi/display?id=343
  http://www.idefense.com/application/poi/display?id=344
  http://www.idefense.com/application/poi/display?id=345

(Debian, both woody and sarge, is specifically mentioned as vulnerable.)
Reported also on public mailing lists, see
http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/
http://www.securityfocus.com/archive/1

Upstream/vendor patches are apparently available.

Cheers,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-spm0.5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages xpdf-reader depends on:
ii  gsfonts            8.14+v8.11+urw-0.2    Fonts for the Ghostscript interpre
ii  lesstif2           1:0.93.94-11.4        OSF/Motif 2.1 implementation relea
ii  libc6              2.3.2.ds1-22          GNU C Library: Shared libraries an
ii  libfreetype6       2.1.7-2.4             FreeType 2 font engine, shared lib
ii  libgcc1            1:3.4.3-13            GCC support library
ii  libice6            4.3.0.dfsg.1-14sarge1 Inter-Client Exchange library
ii  libpaper1          1.1.14-3              Library for handling paper charact
ii  libsm6             4.3.0.dfsg.1-14sarge1 X Window System Session Management
ii  libstdc++5         1:3.3.5-13            The GNU Standard C++ Library v3
ii  libt1-5            5.0.2-3               Type 1 font rasterizer library - r
ii  libx11-6           4.3.0.dfsg.1-14sarge1 X Window System protocol client li
ii  libxext6           4.3.0.dfsg.1-14sarge1 X Window System miscellaneous exte
ii  libxp6             4.3.0.dfsg.1-14sarge1 X Window System printing extension
ii  libxpm4            4.3.0.dfsg.1-14sarge1 X pixmap library
ii  libxt6             4.3.0.dfsg.1-14sarge1 X Toolkit Intrinsics
ii  xlibs              4.3.0.dfsg.1-14sarge1 X Keyboard Extension (XKB) configu
ii  xpdf-common        3.00-13               Portable Document Format (PDF) sui
ii  zlib1g             1:1.2.2-4.sarge.2     compression library - runtime

-- no debconf information

---------------------------------------
Received: (at 342287-close) by bugs.debian.org; 8 Dec 2005 04:41:04 +0000
>From katie@ftp-master.debian.org Wed Dec 07 20:41:04 2005
Return-path: <katie@ftp-master.debian.org>
Received: from katie by spohr.debian.org with local (Exim 4.50)
	id 1EkDRy-0005nb-LD; Wed, 07 Dec 2005 20:32:10 -0800
From: Christopher Martin <chrsmrtn@debian.org>
To: 342287-close@bugs.debian.org
X-Katie: $Revision: 1.60 $
Subject: Bug#342287: fixed in kdegraphics 4:3.4.3-3
Message-Id: <E1EkDRy-0005nb-LD@spohr.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Wed, 07 Dec 2005 20:32:10 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02

Source: kdegraphics
Source-Version: 4:3.4.3-3

We believe that the bug you reported is fixed in the latest version of
kdegraphics, which is due to be installed in the Debian FTP archive:

kamera_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kamera_3.4.3-3_i386.deb
kcoloredit_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kcoloredit_3.4.3-3_i386.deb
kdegraphics-dev_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kdegraphics-dev_3.4.3-3_i386.deb
kdegraphics-doc-html_3.4.3-3_all.deb
  to pool/main/k/kdegraphics/kdegraphics-doc-html_3.4.3-3_all.deb
kdegraphics-kfile-plugins_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.4.3-3_i386.deb
kdegraphics_3.4.3-3.diff.gz
  to pool/main/k/kdegraphics/kdegraphics_3.4.3-3.diff.gz
kdegraphics_3.4.3-3.dsc
  to pool/main/k/kdegraphics/kdegraphics_3.4.3-3.dsc
kdegraphics_3.4.3-3_all.deb
  to pool/main/k/kdegraphics/kdegraphics_3.4.3-3_all.deb
kdvi_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kdvi_3.4.3-3_i386.deb
kfax_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kfax_3.4.3-3_i386.deb
kgamma_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kgamma_3.4.3-3_i386.deb
kghostview_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kghostview_3.4.3-3_i386.deb
kiconedit_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kiconedit_3.4.3-3_i386.deb
kmrml_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kmrml_3.4.3-3_i386.deb
kolourpaint_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kolourpaint_3.4.3-3_i386.deb
kooka_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kooka_3.4.3-3_i386.deb
kpdf_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kpdf_3.4.3-3_i386.deb
kpovmodeler_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kpovmodeler_3.4.3-3_i386.deb
kruler_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kruler_3.4.3-3_i386.deb
ksnapshot_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/ksnapshot_3.4.3-3_i386.deb
ksvg_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/ksvg_3.4.3-3_i386.deb
kuickshow_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kuickshow_3.4.3-3_i386.deb
kview_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kview_3.4.3-3_i386.deb
kviewshell_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/kviewshell_3.4.3-3_i386.deb
libkscan-dev_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/libkscan-dev_3.4.3-3_i386.deb
libkscan1_3.4.3-3_i386.deb
  to pool/main/k/kdegraphics/libkscan1_3.4.3-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 342287@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christopher Martin <chrsmrtn@debian.org> (supplier of updated kdegraphics package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed,  7 Dec 2005 22:05:43 -0500
Source: kdegraphics
Binary: kdegraphics-kfile-plugins ksnapshot kviewshell kghostview libkscan-dev kruler kcoloredit kamera kdegraphics-dev libkscan1 kview kdegraphics-doc-html kpdf ksvg kdvi kiconedit kfax kuickshow kooka kdegraphics kolourpaint kmrml kgamma kpovmodeler
Architecture: source i386 all
Version: 4:3.4.3-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Christopher Martin <chrsmrtn@debian.org>
Description: 
 kamera     - digital camera io_slave for Konquerer
 kcoloredit - a color palette editor and color picker for KDE
 kdegraphics - graphics apps from the official KDE release
 kdegraphics-dev - development files for the KDE graphics module
 kdegraphics-doc-html - KDE graphics documentation in HTML format
 kdegraphics-kfile-plugins - KDE metainfo plugins for graphic files
 kdvi       - dvi viewer for KDE
 kfax       - G3/G4 fax viewer for KDE
 kgamma     - gamma correction module for the KDE Control Center
 kghostview - PostScript viewer for KDE
 kiconedit  - an icon editor for KDE
 kmrml      - a Konqueror plugin for searching pictures
 kolourpaint - a simple paint program for KDE
 kooka      - scanner program for KDE
 kpdf       - PDF viewer for KDE
 kpovmodeler - a graphical editor for povray scenes
 kruler     - a screen ruler and color measurement tool for KDE
 ksnapshot  - screenshot utility for KDE
 ksvg       - SVG viewer for KDE
 kuickshow  - KDE image/slideshow viewer
 kview      - simple image viewer/converter for KDE
 kviewshell - generic framework for viewer applications in KDE
 libkscan-dev - development files for the KDE scanner library
 libkscan1  - scanner library for KDE
Closes: 342287
Changes: 
 kdegraphics (4:3.4.3-3) unstable; urgency=medium
 .
   +++ Changes by Christopher Martin:
 .
   * KDE_3_4_BRANCH update (up to r486446). This update includes security fixes
     for CAN-2005-3191, CAN-2005-3192, and CAN-2005-3193. (Closes: #342287)
Files: 
 d3cb3365ac2fc0d03b0cec09bcbb8658 1486 kde optional kdegraphics_3.4.3-3.dsc
 fdb70bde40b21e25832e07ba433693c0 217890 kde optional kdegraphics_3.4.3-3.diff.gz
 1ab7da9bd871fd616fd9ad2a0909006d 17914 kde optional kdegraphics_3.4.3-3_all.deb
 f344662fa12d1b1366402809cd35fb0a 146188 doc optional kdegraphics-doc-html_3.4.3-3_all.deb
 4724bca7abccc58f75fd13d5ddf3f872 85256 graphics optional kamera_3.4.3-3_i386.deb
 cbe19fdae91f5abdcf571ef9a108885e 99174 graphics optional kcoloredit_3.4.3-3_i386.deb
 371944104da180a5f9ee60a35175151d 68458 devel optional kdegraphics-dev_3.4.3-3_i386.deb
 5485351291344cd75bfc980710288b23 220150 kde optional kdegraphics-kfile-plugins_3.4.3-3_i386.deb
 2af4c3bfee5884f86da86297639dbd9c 511502 graphics optional kdvi_3.4.3-3_i386.deb
 f3d0493feff7642641e73afd54088ba2 148498 graphics optional kfax_3.4.3-3_i386.deb
 a85f1fd0a8758016275c976d3df46175 72970 graphics optional kgamma_3.4.3-3_i386.deb
 aebfe3bcaaa6f44ca0fb922d5e2fc6d4 224338 graphics optional kghostview_3.4.3-3_i386.deb
 a0c39999e64346f1640ad5b0b46994ab 138828 graphics optional kiconedit_3.4.3-3_i386.deb
 c75a2feaa632cc8bc6f772bba4aa7a5d 214114 kde optional kmrml_3.4.3-3_i386.deb
 528632ab127fd03d75dcce074cf08c8c 768758 graphics optional kolourpaint_3.4.3-3_i386.deb
 38a3eb19527081f9c55e479415419740 751984 graphics optional kooka_3.4.3-3_i386.deb
 fde76529829faff32bea244ce08a556b 621706 graphics optional kpdf_3.4.3-3_i386.deb
 f7aa7bac0ff335bbadd063e8dce90ae7 2177414 graphics optional kpovmodeler_3.4.3-3_i386.deb
 2cbc58e9a0da22393d0c041dadf2fdae 63690 graphics optional kruler_3.4.3-3_i386.deb
 84a8e1000bb1e149fd1648563439b8f8 140666 graphics optional ksnapshot_3.4.3-3_i386.deb
 c64a1b61a9dc2bbb6e54b971349737f7 1173436 graphics optional ksvg_3.4.3-3_i386.deb
 ba8f81b403d1472987ab747e527c96f6 469582 graphics optional kuickshow_3.4.3-3_i386.deb
 53cbdc0de80d560d5ce41ec4bc1dccf4 662044 graphics optional kview_3.4.3-3_i386.deb
 7d1d6b99bb9e13f30cda80bb1ec21c9c 246574 graphics optional kviewshell_3.4.3-3_i386.deb
 82f2734f81677ed750295ad175e13c91 17738 libdevel optional libkscan-dev_3.4.3-3_i386.deb
 8a61535f48f0191faa4b906b13ddefb6 128564 libs optional libkscan1_3.4.3-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Signed by Christopher Martin <chrsmrtn@debian.org>

iD8DBQFDl7U1U+gWW+vtsysRAq7xAKCbClVFDOnEyxZOtDC2/nW36fT8dwCfTZ7W
WJOmISHUk9soKZiwS/NhZgo=
=HC7y
-----END PGP SIGNATURE-----
Reply to:
Prev by Date: Processing of kdegraphics_3.4.3-3_i386.changes
Next by Date: kdegraphics_3.4.3-3_i386.changes ACCEPTED
Previous by thread: Processing of kdegraphics_3.4.3-3_i386.changes
Next by thread: kdegraphics_3.4.3-3_i386.changes ACCEPTED
Index(es):
- Date
- Thread