Gentoo Archives: gentoo-announce

From: Raphael Marichez <falco@g.o>
To: gentoo-announce@g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200709-17 ] teTeX: Multiple buffer overflows
Date: Thu, 27 Sep 2007 22:42:31
Message-Id: 20070927215034.GL9684@falco.falcal.net
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200709-17
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: teTeX: Multiple buffer overflows
9 Date: September 27, 2007
10 Bugs: #170861, #182055, #188172
11 ID: 200709-17
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Multiple vulnerabilities have been discovered in teTeX, allowing for
19 user-assisted execution of arbitrary code.
20
21 Background
22 ==========
23
24 teTeX is a complete TeX distribution for editing documents.
25
26 Affected packages
27 =================
28
29 -------------------------------------------------------------------
30 Package / Vulnerable / Unaffected
31 -------------------------------------------------------------------
32 1 app-text/tetex < 3.0_p1-r4 >= 3.0_p1-r4
33
34 Description
35 ===========
36
37 Mark Richters discovered a buffer overflow in the open_sty() function
38 in file mkind.c. Other vulnerabilities have also been discovered in the
39 same file but might not be exploitable (CVE-2007-0650). Tetex also
40 includes vulnerable code from GD library (GLSA 200708-05), and from
41 Xpdf (CVE-2007-3387).
42
43 Impact
44 ======
45
46 A remote attacker could entice a user to process a specially crafted
47 PNG, GIF or PDF file, or to execute "makeindex" on an overly long
48 filename. In both cases, this could lead to the remote execution of
49 arbitrary code with the privileges of the user running the application.
50
51 Workaround
52 ==========
53
54 There is no known workaround at this time.
55
56 Resolution
57 ==========
58
59 All teTeX users should upgrade to the latest version:
60
61 # emerge --sync
62 # emerge --ask --oneshot --verbose ">=app-text/tetex-3.0_p1-r4"
63
64 References
65 ==========
66
67 [ 1 ] CVE-2007-0650
68 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0650
69 [ 2 ] CVE-2007-3387
70 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
71 [ 3 ] GLSA-200708-05
72 http://www.gentoo.org/security/en/glsa/glsa-200708-05.xml
73
74 Availability
75 ============
76
77 This GLSA and any updates to it are available for viewing at
78 the Gentoo Security Website:
79
80 http://security.gentoo.org/glsa/glsa-200709-17.xml
81
82 Concerns?
83 =========
84
85 Security is a primary focus of Gentoo Linux and ensuring the
86 confidentiality and security of our users machines is of utmost
87 importance to us. Any security concerns should be addressed to
88 security@g.o or alternatively, you may file a bug at
89 http://bugs.gentoo.org.
90
91 License
92 =======
93
94 Copyright 2007 Gentoo Foundation, Inc; referenced text
95 belongs to its owner(s).
96
97 The contents of this document are licensed under the
98 Creative Commons - Attribution / Share Alike license.
99
100 http://creativecommons.org/licenses/by-sa/2.5