Re: [Full-disclosure] [USN-515-1] t1lib vulnerability

2007-09-21 Thread 3APA3A
Dear Kees Cook,

CVE-2007-4033 is Buffer overflow in php_gd2.dll in the gd (PHP_GD2)
extension in PHP 5.2.3 allows context-dependent attackers to execute
arbitrary code via a long argument to the imagepsloadfont function.

Please, provide valid CVE entry.

--Thursday, September 20, 2007, 12:18:02 AM, you wrote to [EMAIL PROTECTED]:

KC === 
KC Ubuntu Security Notice USN-515-1 September 19, 2007
KC t1lib vulnerability
KC CVE-2007-4033
KC ===


-- 
~/ZARAZA http://securityvulns.com/
Sir Isaac Newton discovered an apple falling to the ground (Mark Twain)

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] [USN-515-1] t1lib vulnerability

2007-09-21 Thread Kees Cook
Hi,

On Fri, Sep 21, 2007 at 04:30:31PM +0400, 3APA3A wrote:
> CVE-2007-4033 is Buffer overflow in php_gd2.dll in the gd (PHP_GD2)
> extension in PHP 5.2.3 allows context-dependent attackers to execute
> arbitrary code via a long argument to the imagepsloadfont function.
>
> Please, provide valid CVE entry.
>
> --Thursday, September 20, 2007, 12:18:02 AM, you wrote to [EMAIL PROTECTED]:
>
> KC ===
> KC Ubuntu Security Notice USN-515-1 September 19, 2007
> KC t1lib vulnerability
> KC CVE-2007-4033
> KC ===

That is the correct CVE -- the true cause of the gd2 issue was in t1lib,
not gd2:

http://www.securityfocus.com/bid/25079/info

-Kees

-- 
Kees Cook



[Full-disclosure] [USN-515-1] t1lib vulnerability

2007-09-19 Thread Kees Cook
=== 
Ubuntu Security Notice USN-515-1 September 19, 2007
t1lib vulnerability
CVE-2007-4033
===

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libt1-5 5.1.0-2ubuntu0.6.06.1

Ubuntu 6.10:
  libt1-5 5.1.0-2ubuntu0.6.10.1

Ubuntu 7.04:
  libt1-5 5.1.0-2ubuntu0.7.04.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that t1lib does not properly perform bounds checking
which can result in a buffer overflow vulnerability.  An attacker could
send specially crafted input to applications linked against t1lib which
could result in a DoS or arbitrary code execution.


Updated packages for Ubuntu 6.06 LTS:


Updated packages for Ubuntu 6.10:
