Bug#322467: [CAN-2005-2097] Loca Table Verification Remote Denial of Service Vulnerability

To: Hilmar Preusse <hille42@web.de>
Cc: 322467@bugs.debian.org, Joey Hess <joeyh@debian.org>, Debian Security Team <team@security.debian.org>
Subject: Bug#322467: [CAN-2005-2097] Loca Table Verification Remote Denial of Service Vulnerability
From: Frank Küster <frank@debian.org>
Date: Thu, 11 Aug 2005 11:11:06 +0200
Message-id: <[🔎] 87br44on2t.fsf@alhambra.kuesterei.ch>
Reply-to: Frank Küster <frank@debian.org>, 322467@bugs.debian.org
In-reply-to: <[🔎] 20050810201817.GA2452@preusse> (Hilmar Preusse's message of "Wed, 10 Aug 2005 22:18:18 +0200")
References: <[🔎] 20050810201817.GA2452@preusse>

found 322467 3.0-5
thanks

Hilmar Preusse <hille42@web.de> wrote:

> Package: tetex-bin
> Version: 2.0.2-31
> Severity: grave
> Tags: patch
> Justification: can result in disk consumption and ultimately lead to a denial of service condition.
>
> Just a reminder,
>
> http://www.securityfocus.com/bid/14529/info
>
> Ubuntu^1 already fixed the xpdf packages. I guess we're affected too,
> as pdftex processes pdf files using the code from xpdf. I did not
> file a bug against xpdf yet. I'm attaching a patch taken from
> ftp://ftp.kde.org/pub/kde/security_patches/ and the sig. According to
> Martin Pitt the original patch was posted to vendor-sec but I'm not
> subscribed to it.

tetex-bin_2.0.2 in sarge, etch, sid, as well as tetex-bin_1.0.7... in
oldstable do not have the files the patch changes.  Moreover, the
strings "loca table" or "codetogid" do not appear in
tetex-bin-{1.0.7...,2.0.2}/libs/, checked with a case-insensitive grep.

However, "truetype" appears lots of times.  Therefore it probably needs
a careful inspection of the code to check whether these are indeed
vulnerable.  It would be best if someone with a decent understanding of
C++ would do that, not me.

tetex-bin_3.0 in experimental is vulnerable.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Reply to:

Follow-Ups:
- Processed: Re: Bug#322467: [CAN-2005-2097] Loca Table Verification Remote Denial of Service Vulnerability
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#322467: Please Help (was: Bug#322467: [CAN-2005-2097] Loca Table Verification Remote Denial of Service Vulnerability)
  - From: Frank Küster <frank@debian.org>

References:
- Bug#322467: [CAN-2005-2097] Loca Table Verification Remote Denial of Service Vulnerability
  - From: Hilmar Preusse <hille42@web.de>

Prev by Date: Re: Problem while install tetex
Next by Date: control scripts in Debian TeX packages
Previous by thread: Processed: Re: Bug#322467: [CAN-2005-2097] Loca Table Verification Remote Denial of Service Vulnerability
Next by thread: Processed: Re: Bug#322467: [CAN-2005-2097] Loca Table Verification Remote Denial of Service Vulnerability
Index(es):
- Date
- Thread