-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:005 http://www.mandriva.com/security/ _______________________________________________________________________ Package : evince Date : January 13, 2011 Affected: 2010.0, 2010.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in evince: Array index error in the PK and VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer (CVE-2010-2640, CVE-2010-2641). Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer (CVE-2010-2642). Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer (CVE-2010-2643). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.0: e079913edf4d4f3073865b7d49fe799e 2010.0/i586/evince-2.28.1-1.1mdv2010.0.i586.rpm 799a7a19999cca73b787ea557fabe48b 2010.0/i586/libevince1-2.28.1-1.1mdv2010.0.i586.rpm 9da45de2f8808622d87310139ab0cd57 2010.0/i586/libevince-devel-2.28.1-1.1mdv2010.0.i586.rpm 8cf3fc28bc224cb6d798986b83ff214b 2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 7f547bd0f819bb294155a77992dc3867 2010.0/x86_64/evince-2.28.1-1.1mdv2010.0.x86_64.rpm b49ee796665b1f3690aa8604f398da6f 2010.0/x86_64/lib64evince1-2.28.1-1.1mdv2010.0.x86_64.rpm 2d4d32da719f789cab879b3a057c31e8 2010.0/x86_64/lib64evince-devel-2.28.1-1.1mdv2010.0.x86_64.rpm 8cf3fc28bc224cb6d798986b83ff214b 2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm Mandriva Linux 2010.1: 89ccc35a168dc271615257ca3b9dc15b 2010.1/i586/evince-2.30.3-1.1mdv2010.2.i586.rpm 680a161ca4937b9624d76313f66ece67 2010.1/i586/libevince2-2.30.3-1.1mdv2010.2.i586.rpm 5f2992bce84180aa51ff1b7a6ceb8ff1 2010.1/i586/libevince-devel-2.30.3-1.1mdv2010.2.i586.rpm 1c0b1ce4cb6374b5d83f620669e2ff7f 2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 92b2edf7ebcbc5562b3664d328cfbb84 2010.1/x86_64/evince-2.30.3-1.1mdv2010.2.x86_64.rpm 258d61dca83a88e6a4560e0793ebc35f 2010.1/x86_64/lib64evince2-2.30.3-1.1mdv2010.2.x86_64.rpm 04afd91e85be6701d28e0b1164e7e41f 2010.1/x86_64/lib64evince-devel-2.30.3-1.1mdv2010.2.x86_64.rpm 1c0b1ce4cb6374b5d83f620669e2ff7f 2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm Mandriva Enterprise Server 5: c5187d89da4344a18e4b757f51946671 mes5/i586/evince-2.24.0-2.2mdvmes5.1.i586.rpm 5a81c37bff705aa4b7b9cb8e96a4cbb2 mes5/i586/libevince0-2.24.0-2.2mdvmes5.1.i586.rpm 9e1c0400a275f99fa3a1350b4328e84e mes5/i586/libevince-devel-2.24.0-2.2mdvmes5.1.i586.rpm d4ac7e1574b982ec49d34cfb61026c77 mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: 8f672ce32264b8ca99f5540972a3a7f8 mes5/x86_64/evince-2.24.0-2.2mdvmes5.1.x86_64.rpm 0882e7a97b30c1ecf1ebf7c1dd1bb191 mes5/x86_64/lib64evince0-2.24.0-2.2mdvmes5.1.x86_64.rpm 9bce986a11c112a50911390d965be0c9 mes5/x86_64/lib64evince-devel-2.24.0-2.2mdvmes5.1.x86_64.rpm d4ac7e1574b982ec49d34cfb61026c77 mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNLuyrmqjQ0CJFipgRAi8kAKC7zVrpdQxiuU7w+oVNpNi2l8gAzACfQ14D YAUn/R+xAZUWOs8ScQUXjXI= =C2wo -----END PGP SIGNATURE-----