Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2006.0096 -- [UNIX/Linux][Debian] New pdftohtml packages fix arbitrary code execution 2 February 2006 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: pdftohtml Publisher: Debian Operating System: Debian GNU/Linux 3.1 UNIX variants (UNIX, Linux, OSX) Impact: Execute Arbitrary Code/Commands Denial of Service Access: Remote/Unauthenticated CVE Names: CVE-2005-3628 CVE-2005-3627 CVE-2005-3626 CVE-2005-3625 CVE-2005-3624 CVE-2005-3193 CVE-2005-3192 CVE-2005-3191 Ref: ESB-2006.0095 Original Bulletin: http://www.debian.org/security/2006/dsa-962 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------------- Debian Security Advisory DSA 962-1 security@debian.org http://www.debian.org/security/ Martin Schulze February 1st, 2006 http://www.debian.org/security/faq - - -------------------------------------------------------------------------- Package : pdftohtml Vulnerability : buffer overflows Problem type : remote Debian-specific: no CVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628 "infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdftohtml, a utility that translates PDF documents into HTML format, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable distribution (woody) does not contain pdftohtml packages. For the stable distribution (sarge) these problems have been fixed in version 0.36-11sarge1. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your pdftohtml package. Upgrade Instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1.dsc Size/MD5 checksum: 602 c7095f7045d69bcebca90ade3f62a9a4 http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1.diff.gz Size/MD5 checksum: 11388 17672ff97722b502d4d5b3ab804401e3 http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36.orig.tar.gz Size/MD5 checksum: 300922 75ad095bb51e1f66c9f7691e6af12f44 Alpha architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_alpha.deb Size/MD5 checksum: 313926 ec897e4a81702159e516e823317e8652 AMD64 architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_amd64.deb Size/MD5 checksum: 259576 de188540a99fb893584e2c9a2f1c0e41 ARM architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_arm.deb Size/MD5 checksum: 266372 93821a971df9623124f68216c541f307 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_i386.deb Size/MD5 checksum: 253790 45b7b46b375e72507ebdf83b609b9bd3 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_ia64.deb Size/MD5 checksum: 374010 a64d9a344341b8ff8f88ceba02a2481e HP Precision architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_hppa.deb Size/MD5 checksum: 330128 4ccc9307617411979efbca1d594f463b Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_m68k.deb Size/MD5 checksum: 234598 e14153061b6f573e619f9dbd76bfbda8 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_mips.deb Size/MD5 checksum: 311310 067a76c99fd6f144f7c75613b37493c7 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_mipsel.deb Size/MD5 checksum: 307086 9890b5cec47e5e8e8ae4a9442c326253 PowerPC architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_powerpc.deb Size/MD5 checksum: 269364 9f345aa5ef3480b3d4591eeb4071bfa7 IBM S/390 architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_s390.deb Size/MD5 checksum: 242284 4eb6779646c115bfe6ca7e7baaaaaec8 Sun Sparc architecture: http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_sparc.deb Size/MD5 checksum: 245330 7dbf6432f1cc0a2e6d9b42ffa80b588f These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD4IYGW5ql+IAeqTIRAlbHAJ4hP7FrxciQRk5rYigkVctVpQzSJgCfSkh5 /K5U8eJ0jhDuf366S6/sitw= =QZcd - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQ+GqCSh9+71yA2DNAQJbEwQAgYPCDL4ibAIgDXHekdUFTbOFT2/GXPba ROnDTfGBW6sVLGHZFID7bzsLxIYWZ6qh37jWukcJ/hwgVR4lx6SQczaS3SbmG1Ez WHnsYa3nFSdAHtYIDvj4zLymRgwMSXuG9q3JZGDwwGlMWl+A6cDP5A4rnvfG15T/ b7r4wLQPGEU= =fjJu -----END PGP SIGNATURE-----