SCIENTIFIC-LINUX-ERRATA Archives

August 2012

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: tetex on SL5.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
Pat Riehecky <[log in to unmask]>
Date:
Thu, 23 Aug 2012 14:45:49 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (78 lines) 
Synopsis:          Moderate: tetex security update
Issue Date:        2012-08-23
CVE Numbers:       CVE-2010-3702
                    CVE-2010-3704
                    CVE-2010-2642
                    CVE-2011-1552
                    CVE-2011-1553
                    CVE-2011-0433
                    CVE-2011-1554
                    CVE-2011-0764

teTeX is an implementation of TeX. TeX takes a text file and a set of
formatting commands as input, and creates a typesetter-independent DeVice
Independent (DVI) file as output.

teTeX embeds a copy of t1lib to rasterize bitmaps from PostScript Type 1
fonts. The following issues affect t1lib code:

Two heap-based buffer overflow flaws were found in the way t1lib processed
Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened
by teTeX, it could cause teTeX to crash or, potentially, execute arbitrary
code with the privileges of the user running teTeX. (CVE-2010-2642,
CVE-2011-0433)

An invalid pointer dereference flaw was found in t1lib. A specially-crafted
font file could, when opened, cause teTeX to crash or, potentially, execute
arbitrary code with the privileges of the user running teTeX.
(CVE-2011-0764)

A use-after-free flaw was found in t1lib. A specially-crafted font file
could, when opened, cause teTeX to crash or, potentially, execute arbitrary
code with the privileges of the user running teTeX. (CVE-2011-1553)

An off-by-one flaw was found in t1lib. A specially-crafted font file could,
when opened, cause teTeX to crash or, potentially, execute arbitrary code
with the privileges of the user running teTeX. (CVE-2011-1554)

An out-of-bounds memory read flaw was found in t1lib. A specially-crafted
font file could, when opened, cause teTeX to crash. (CVE-2011-1552)

teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF)
file viewer, to allow adding images in PDF format to the generated PDF
documents. The following issues affect Xpdf code:

An uninitialized pointer use flaw was discovered in Xpdf. If pdflatex was
used to process a TeX document referencing a specially-crafted PDF file, it
could cause pdflatex to crash or, potentially, execute arbitrary code with
the privileges of the user running pdflatex. (CVE-2010-3702)

An array index error was found in the way Xpdf parsed PostScript Type 1
fonts embedded in PDF documents. If pdflatex was used to process a TeX
document referencing a specially-crafted PDF file, it could cause pdflatex
to crash or, potentially, execute arbitrary code with the privileges of the
user running pdflatex. (CVE-2010-3704)

All users of tetex are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

SL5
   x86_64
     tetex-3.0-33.15.el5_8.1.x86_64.rpm
     tetex-afm-3.0-33.15.el5_8.1.x86_64.rpm
     tetex-doc-3.0-33.15.el5_8.1.x86_64.rpm
     tetex-dvips-3.0-33.15.el5_8.1.x86_64.rpm
     tetex-fonts-3.0-33.15.el5_8.1.x86_64.rpm
     tetex-latex-3.0-33.15.el5_8.1.x86_64.rpm
     tetex-xdvi-3.0-33.15.el5_8.1.x86_64.rpm
   i386
     tetex-3.0-33.15.el5_8.1.i386.rpm
     tetex-afm-3.0-33.15.el5_8.1.i386.rpm
     tetex-doc-3.0-33.15.el5_8.1.i386.rpm
     tetex-dvips-3.0-33.15.el5_8.1.i386.rpm
     tetex-fonts-3.0-33.15.el5_8.1.i386.rpm
     tetex-latex-3.0-33.15.el5_8.1.i386.rpm
     tetex-xdvi-3.0-33.15.el5_8.1.i386.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2