Twenty Year Anniversary

Mandriva Linux Security Advisory 2011-153

Mandriva Linux Security Advisory 2011-153
Posted Oct 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-153 - The LZW decompressor in the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to and CVE-2011-2896. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary
systems | linux, netbsd, freebsd, openbsd, mandriva
advisories | CVE-2011-2895
MD5 | dec74fce09c274fbef2d8deee7b11b65

Mandriva Linux Security Advisory 2011-153

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:153
http://www.mandriva.com/security/
_______________________________________________________________________

Package : libxfont
Date : October 17, 2011
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been discovered and corrected in libxfont:

The LZW decompressor in (1) the BufCompressedFill function in
fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2)
compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before
3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not
properly handle code words that are absent from the decompression
table when encountered, which allows context-dependent attackers
to trigger an infinite loop or a heap-based buffer overflow, and
possibly execute arbitrary code, via a crafted compressed stream,
a related issue to CVE-2006-1168 and CVE-2011-2896 (CVE-2011-2895).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
482f9f25111c17bbf7eab3e526c02d2a 2010.1/i586/libxfont1-1.4.1-1.1mdv2010.2.i586.rpm
e53b66dcacc6908578d2d663fc0b4e32 2010.1/i586/libxfont1-devel-1.4.1-1.1mdv2010.2.i586.rpm
dcd75b98bf6482c3134374fba85ef8d5 2010.1/i586/libxfont1-static-devel-1.4.1-1.1mdv2010.2.i586.rpm
071b839b9b387da16dbe28647169cdc6 2010.1/SRPMS/libxfont-1.4.1-1.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
ac85e7c0a994216ab4b01eaf068e7ed9 2010.1/x86_64/lib64xfont1-1.4.1-1.1mdv2010.2.x86_64.rpm
be2ecb351d2af84eed831d4e4a8546cc 2010.1/x86_64/lib64xfont1-devel-1.4.1-1.1mdv2010.2.x86_64.rpm
12e8118fdefdb42aad4d8939da3ecdd5 2010.1/x86_64/lib64xfont1-static-devel-1.4.1-1.1mdv2010.2.x86_64.rpm
071b839b9b387da16dbe28647169cdc6 2010.1/SRPMS/libxfont-1.4.1-1.1mdv2010.2.src.rpm

Mandriva Linux 2011:
f0eb57ae377b67104ffd242ba2392fce 2011/i586/libxfont1-1.4.3-2.1-mdv2011.0.i586.rpm
6bfd3df3c8d48f791727eec9fda3291c 2011/i586/libxfont1-devel-1.4.3-2.1-mdv2011.0.i586.rpm
d30dd3a4409786fdc28fe7a80321b931 2011/i586/libxfont1-static-devel-1.4.3-2.1-mdv2011.0.i586.rpm
c0e1e359377d217e69f241e922bb3b0f 2011/SRPMS/libxfont-1.4.3-2.1.src.rpm

Mandriva Linux 2011/X86_64:
f1fd069f313ad2663a40b8ecab7fac18 2011/x86_64/lib64xfont1-1.4.3-2.1-mdv2011.0.x86_64.rpm
c88a0f7e76b85c298691f94f3b47e343 2011/x86_64/lib64xfont1-devel-1.4.3-2.1-mdv2011.0.x86_64.rpm
dd21bf4f4d2249dfcadecfa9e5b6fe27 2011/x86_64/lib64xfont1-static-devel-1.4.3-2.1-mdv2011.0.x86_64.rpm
c0e1e359377d217e69f241e922bb3b0f 2011/SRPMS/libxfont-1.4.3-2.1.src.rpm

Mandriva Enterprise Server 5:
c771ee56c18d549596da16a5702b4eec mes5/i586/libxfont1-1.3.3-1.1mdvmes5.2.i586.rpm
fd789a0970d76b2ebb65d80b0bd7644f mes5/i586/libxfont1-devel-1.3.3-1.1mdvmes5.2.i586.rpm
9b2dc8eca6bfb18747c3e245c93e3e66 mes5/i586/libxfont1-static-devel-1.3.3-1.1mdvmes5.2.i586.rpm
ba3875d325e737d7f1bf9c5bb2c23bb3 mes5/SRPMS/libxfont-1.3.3-1.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
4f8d8287abfa8fba3bdc2b0046784a93 mes5/x86_64/lib64xfont1-1.3.3-1.1mdvmes5.2.x86_64.rpm
3c83c6510a09fa870cd04cf28ad172c9 mes5/x86_64/lib64xfont1-devel-1.3.3-1.1mdvmes5.2.x86_64.rpm
f5a6a43b2a538ff55a517321c0b09391 mes5/x86_64/lib64xfont1-static-devel-1.3.3-1.1mdvmes5.2.x86_64.rpm
ba3875d325e737d7f1bf9c5bb2c23bb3 mes5/SRPMS/libxfont-1.3.3-1.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOnDB4mqjQ0CJFipgRAqNoAKDIbrW9UpQHZoiA4fN/Woh9lCgrEwCg0vAJ
tmgY1uRlLS9/q+ma2hmCV7k=
=IBKG
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close