Accepted kdegraphics 4:3.5.5-3etch3 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 05 May 2009 09:45:16 -0400
Source: kdegraphics
Binary: kdegraphics-kfile-plugins ksnapshot kviewshell kghostview libkscan-dev kruler kcoloredit kamera kdegraphics-dev libkscan1 kdegraphics-dbg kview kdegraphics-doc-html kpdf ksvg kdvi kiconedit kfax kfaxview kuickshow kooka kdegraphics kolourpaint kmrml kgamma kpovmodeler
Architecture: source i386 all
Version: 4:3.5.5-3etch3
Distribution: oldstable-security
Urgency: high
Maintainer: noahm@debian.org
Changed-By: Noah Meyerhans <noahm@debian.org>
Description:
kamera - digital camera io_slave for Konqueror
kcoloredit - a color palette editor and color picker for KDE
kdegraphics - graphics apps from the official KDE release
kdegraphics-dbg - debugging symbols for kdegraphics
kdegraphics-dev - development files for the KDE graphics module
kdegraphics-doc-html - KDE graphics documentation in HTML format
kdegraphics-kfile-plugins - KDE metainfo plugins for graphic files
kdvi - dvi viewer for KDE
kfax - G3/G4 fax viewer for KDE
kfaxview - G3/G4 fax viewer for KDE using kviewshell
kgamma - gamma correction module for the KDE Control Center
kghostview - PostScript viewer for KDE
kiconedit - an icon editor for KDE
kmrml - a Konqueror plugin for searching pictures
kolourpaint - a simple paint program for KDE
kooka - scanner program for KDE
kpdf - PDF viewer for KDE
kpovmodeler - a graphical editor for povray scenes
kruler - a screen ruler and color measurement tool for KDE
ksnapshot - screenshot utility for KDE
ksvg - SVG viewer for KDE
kuickshow - KDE image/slideshow viewer
kview - simple image viewer/converter for KDE
kviewshell - generic framework for viewer applications in KDE
libkscan-dev - development files for the KDE scanner library
libkscan1 - scanner library for KDE
Changes:
kdegraphics (4:3.5.5-3etch3) oldstable-security; urgency=high
.
* Non-maintainer upload by the security team
- CVE-2009-0146: Multiple buffer overflows in the JBIG2 decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow
remote attackers to cause a denial of service (crash) via a crafted PDF
file, related to (1) JBIG2SymbolDict::setBitmap and (2)
JBIG2Stream::readSymbolDictSeg.
- CVE-2009-0147: Multiple integer overflows in the JBIG2 decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow
remote attackers to cause a denial of service (crash) via a crafted PDF
file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)
JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
- CVE-2009-0165: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to "g*allocn."
- CVE-2009-0166: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, and other products allows remote attackers to cause a denial
of service (crash) via a crafted PDF file that triggers a free of
uninitialized memory.
- CVE-2009-0799: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
that triggers an out-of-bounds read.
- CVE-2009-0800: Multiple "input validation flaws" in the JBIG2 decoder in
Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6,
and other products allow remote attackers to execute arbitrary code via
a crafted PDF file.
- CVE-2009-1179: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products
allows remote attackers to execute arbitrary code via a crafted PDF file.
- CVE-2009-1180: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to execute arbitrary code via a crafted PDF file that triggers
a free of invalid data.
- CVE-2009-1181: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (crash) via a crafted PDF file that
triggers a NULL pointer dereference.
- CVE-2009-1182: Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and
other products allow remote attackers to execute arbitrary code via a
crafted PDF file.
- CVE-2009-1183: The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS
1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (infinite loop and hang) via a
crafted PDF file.
Files:
57806c433333025933014631c41e518a 1536 kde optional kdegraphics_3.5.5-3etch3.dsc
2053275597413021f87e328af7f43d0f 432182 kde optional kdegraphics_3.5.5-3etch3.diff.gz
c4a51eb3d3eaf0de3e401e66d77093dd 19940 kde optional kdegraphics_3.5.5-3etch3_all.deb
10d47436c7ad315663e54f5bef6956fe 156348 doc optional kdegraphics-doc-html_3.5.5-3etch3_all.deb
363d4446a465d740fd23c728469bcab1 90496 graphics optional kamera_3.5.5-3etch3_i386.deb
621234e9a9ce4a2241375c4ff8407b23 103970 graphics optional kcoloredit_3.5.5-3etch3_i386.deb
084fb69239a6e3a7d226f403153052f1 102640 devel optional kdegraphics-dev_3.5.5-3etch3_i386.deb
a07ac3d740f874006b7e7194f5719e28 262490 kde optional kdegraphics-kfile-plugins_3.5.5-3etch3_i386.deb
8bc752bdbd54e298afd3f37a20f56d18 532588 graphics optional kdvi_3.5.5-3etch3_i386.deb
4c1747c88b264290e38ada6514218775 146376 graphics optional kfax_3.5.5-3etch3_i386.deb
9394db8868121992889a43502841ad84 108272 graphics optional kfaxview_3.5.5-3etch3_i386.deb
09ccb537e64fbdbda588562666f8c5b3 78866 graphics optional kgamma_3.5.5-3etch3_i386.deb
d04cd6cecb73f366e88b7aa483241e4a 234612 graphics optional kghostview_3.5.5-3etch3_i386.deb
d508e51f067f10665f1edb78c8871c29 177684 graphics optional kiconedit_3.5.5-3etch3_i386.deb
4f5e08323a73c2b5f100dac01c949d47 223606 kde optional kmrml_3.5.5-3etch3_i386.deb
44e0e1869192fcb275e5e46b0aa9517b 1074930 graphics optional kolourpaint_3.5.5-3etch3_i386.deb
1dd0cf90b6f07059456eadc0cdf75a5d 758452 graphics optional kooka_3.5.5-3etch3_i386.deb
1cc39477c0ba3f8dd36346cdd8136033 745290 graphics optional kpdf_3.5.5-3etch3_i386.deb
61201ff71df3528e30ddf66af532b604 2228302 graphics optional kpovmodeler_3.5.5-3etch3_i386.deb
885186d94cd806016d01d88e9fc82c0f 68122 graphics optional kruler_3.5.5-3etch3_i386.deb
80757bd6f6f56c4abd597accb87eaa06 173904 graphics optional ksnapshot_3.5.5-3etch3_i386.deb
e3b837e7596791b4da1377770822e122 1221078 graphics optional ksvg_3.5.5-3etch3_i386.deb
569e64088add9c21e567b94b14372315 493804 graphics optional kuickshow_3.5.5-3etch3_i386.deb
870948b3120613ab4b13cfc8bcfe33b7 401376 graphics optional kview_3.5.5-3etch3_i386.deb
14ddfe9a0d86cc8b93506d9202ebb242 785190 graphics optional kviewshell_3.5.5-3etch3_i386.deb
d1fb6a85662301ba752d8381c138270a 19774 libdevel optional libkscan-dev_3.5.5-3etch3_i386.deb
68aaf8c0424a3e25594360ab58ea60ec 135552 libs optional libkscan1_3.5.5-3etch3_i386.deb
c907475dd78c8f69d8c099d140689ce7 25359080 libdevel extra kdegraphics-dbg_3.5.5-3etch3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKAMN8YrVLjBFATsMRAuiUAJ0asisTRLQwir38s0ffDK1lQ52j5wCdHy9x
KHyakHLh9ZuWFIrKsgF/htI=
=/VAb
-----END PGP SIGNATURE-----
Accepted:
kamera_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kamera_3.5.5-3etch3_i386.deb
kcoloredit_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_i386.deb
kdegraphics-dbg_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_i386.deb
kdegraphics-dev_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_i386.deb
kdegraphics-doc-html_3.5.5-3etch3_all.deb
to pool/main/k/kdegraphics/kdegraphics-doc-html_3.5.5-3etch3_all.deb
kdegraphics-kfile-plugins_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_i386.deb
kdegraphics_3.5.5-3etch3.diff.gz
to pool/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.diff.gz
kdegraphics_3.5.5-3etch3.dsc
to pool/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.dsc
kdegraphics_3.5.5-3etch3_all.deb
to pool/main/k/kdegraphics/kdegraphics_3.5.5-3etch3_all.deb
kdvi_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kdvi_3.5.5-3etch3_i386.deb
kfax_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kfax_3.5.5-3etch3_i386.deb
kfaxview_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kfaxview_3.5.5-3etch3_i386.deb
kgamma_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kgamma_3.5.5-3etch3_i386.deb
kghostview_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kghostview_3.5.5-3etch3_i386.deb
kiconedit_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kiconedit_3.5.5-3etch3_i386.deb
kmrml_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kmrml_3.5.5-3etch3_i386.deb
kolourpaint_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_i386.deb
kooka_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kooka_3.5.5-3etch3_i386.deb
kpdf_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kpdf_3.5.5-3etch3_i386.deb
kpovmodeler_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_i386.deb
kruler_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kruler_3.5.5-3etch3_i386.deb
ksnapshot_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_i386.deb
ksvg_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/ksvg_3.5.5-3etch3_i386.deb
kuickshow_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kuickshow_3.5.5-3etch3_i386.deb
kview_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kview_3.5.5-3etch3_i386.deb
kviewshell_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/kviewshell_3.5.5-3etch3_i386.deb
libkscan-dev_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_i386.deb
libkscan1_3.5.5-3etch3_i386.deb
to pool/main/k/kdegraphics/libkscan1_3.5.5-3etch3_i386.deb
Reply to: