CVE-2005-2097
CVSS2.1
发布时间 :2005-08-16 00:00:00
修订时间 :2011-03-07 21:23:23
NMCOPS    

[原文]xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.


[CNNVD]XPDF本地表验证远程拒绝服务漏洞 (CNNVD-200508-119)

        Xpdf和kpdf不能正确地验证PDF文件中的"local"表。这使得本地用户可以借助于具有"损坏的"本地表的PDF文件造成拒绝服务(磁盘损耗和挂起)。这样,当xpdf试图重构信息时,会创建一个大的临时文件。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:kde:kpdf
cpe:/a:xpdf:xpdf:3.0
cpe:/a:xpdf:xpdf:3.0_pl2
cpe:/a:xpdf:xpdf:3.0_pl3

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10280xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumptio...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2097
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-119
(官方数据源) CNNVD

- 其它链接及资源

http://www.vupen.com/english/advisories/2007/2280
(UNKNOWN)  VUPEN  ADV-2007-2280
http://www.ubuntulinux.org/support/documentation/usn/usn-163-1
(VENDOR_ADVISORY)  UBUNTU  USN-163-1
http://www.securityfocus.com/bid/14529
(UNKNOWN)  BID  14529
http://www.securityfocus.com/archive/1/archive/1/427990/100/0/threaded
(UNKNOWN)  FEDORA  FLSA:175404
http://www.securityfocus.com/archive/1/archive/1/427053/100/0/threaded
(UNKNOWN)  FEDORA  FLSA-2006:176751
http://www.redhat.com/support/errata/RHSA-2005-708.html
(UNKNOWN)  REDHAT  RHSA-2005:708
http://www.redhat.com/support/errata/RHSA-2005-706.html
(UNKNOWN)  REDHAT  RHSA-2005:706
http://www.redhat.com/support/errata/RHSA-2005-671.html
(UNKNOWN)  REDHAT  RHSA-2005:671
http://www.redhat.com/support/errata/RHSA-2005-670.html
(UNKNOWN)  REDHAT  RHSA-2005:670
http://www.novell.com/linux/security/advisories/2005_19_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:019
http://www.mandriva.com/security/advisories?name=MDKSA-2005:138
(UNKNOWN)  MANDRIVA  MDKSA-2005:138
http://www.debian.org/security/2006/dsa-936
(VENDOR_ADVISORY)  DEBIAN  DSA-936
http://www.debian.org/security/2006/dsa-1136
(UNKNOWN)  DEBIAN  DSA-1136
http://www.debian.org/security/2005/dsa-780
(UNKNOWN)  DEBIAN  DSA-780
http://secunia.com/advisories/21339
(UNKNOWN)  SECUNIA  21339
http://secunia.com/advisories/18407
(VENDOR_ADVISORY)  SECUNIA  18407
http://secunia.com/advisories/18398
(VENDOR_ADVISORY)  SECUNIA  18398
http://secunia.com/advisories/17277
(VENDOR_ADVISORY)  SECUNIA  17277
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
(UNKNOWN)  SCO  SCOSA-2005.42
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
(UNKNOWN)  SUNALERT  102972
http://secunia.com/advisories/25729
(UNKNOWN)  SECUNIA  25729

- 漏洞信息

XPDF本地表验证远程拒绝服务漏洞
低危 其他
2005-08-16 00:00:00 2007-02-20 00:00:00
远程  
        Xpdf和kpdf不能正确地验证PDF文件中的"local"表。这使得本地用户可以借助于具有"损坏的"本地表的PDF文件造成拒绝服务(磁盘损耗和挂起)。这样,当xpdf试图重构信息时,会创建一个大的临时文件。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Sun Solaris 10.0
        Sun 120739-04
        SPARC Platform
        http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -120739-04-1
        Turbolinux Turbolinux 10 F...
        Turbolinux cups-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-1.1.19-26.i586.rpm
        Turbolinux cups-devel-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-devel-1.1.19-26.i586.rpm
        Turbolinux cups-libs-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-libs-1.1.19-26.i586.rpm
        Turbolinux Home
        Turbolinux cups-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-1.1.19-26.i586.rpm
        Turbolinux cups-devel-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-devel-1.1.19-26.i586.rpm
        Turbolinux cups-libs-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-libs-1.1.19-26.i586.rpm
        Sun Solaris 10.0_x86
        Sun 120740-04
        x86 Platform
        http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -120740-04-1
        TurboLinux Personal
        Turbolinux cups-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-1.1.19-26.i586.rpm
        Turbolinux cups-devel-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-devel-1.1.19-26.i586.rpm
        Turbolinux cups-libs-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-libs-1.1.19-26.i586.rpm
        TurboLinux Multimedia
        Turbolinux cups-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-1.1.19-26.i586.rpm
        Turbolinux cups-devel-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-devel-1.1.19-26.i586.rpm
        Turbolinux cups-libs-1.1.19-26.i586.rpm
        Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/cups-libs-1.1.19-26.i586.rpm
        Turbolinux Appliance Server Workgroup Edition 1.0
        Turbolinux cups-1.1.19-26.i586.rpm
        Turbolinux Appliance Server and Workgroup 1.0 Hosting Edition
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
        Turbolinux cups-devel-1.1.19-26.i586.rpm
        Turbolinux 8 Workstation
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
        Turbolinux cups-libs-1.1.19-26.i586.rpm
        Turbolinux 8 Workstation
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
        Turbolinux Appliance Server Hosting Edition 1.0
        Turbolinux cups-1.1.19-26.i586.rpm
        Turbolinux Appliance Server and Workgroup 1.0 Hosting Edition
        ftp://

- 漏洞信息 (F49007)

Debian Linux Security Advisory 1136-1 (PacketStormID:F49007)
2006-08-17 00:00:00
Debian  debian.org
advisory,denial of service,overflow,arbitrary
linux,debian
CVE-2005-2097
[点击下载]

Debian Security Advisory 1136-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which are also present in gpdf, the viewer with Gtk bindings, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1136-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
August 2nd, 2006                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : gpdf
Vulnerability  : wrong input sanitising
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2005-2097
BugTraq ID     : 14529
Debian Bug     : 334454

"infamous41md" and Chris Evans discovered several heap based buffer
overflows in xpdf, the Portable Document Format (PDF) suite, which are
also present in gpdf, the viewer with Gtk bindings, and which can lead
to a denial of service by crashing the application or possibly to the
execution of arbitrary code.

For the stable distribution (sarge) these problems have been fixed in
version 2.8.2-1.2sarge5.

For the unstable distribution (sid) these problems have been fixed in
version 2.10.0-4.

We recommend that you upgrade your gpdf package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5.dsc
      Size/MD5 checksum:     1663 d7cd341afa44a55b1d6b6e177506df73
    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5.diff.gz
      Size/MD5 checksum:    37001 4c0f08229d68b89376f1dafbd2785602
    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2.orig.tar.gz
      Size/MD5 checksum:  1245535 5ceb66aa95e51c4e1d6e10cb29560ff9

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_alpha.deb
      Size/MD5 checksum:   868192 a1165a52e231ad0d7288956259f6dac1

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_amd64.deb
      Size/MD5 checksum:   795826 b77396935f929046e71688cf6c803718

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_arm.deb
      Size/MD5 checksum:   781744 4bd8fcb7aa0e8d8073f9c834f492273e

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_i386.deb
      Size/MD5 checksum:   782022 6e3c2f14a9f79a0fa8d6c7146329cf55

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_ia64.deb
      Size/MD5 checksum:   958464 f60ab132197b6451be37e95c7b0802f6

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_hppa.deb
      Size/MD5 checksum:   859960 52fc5ab1c1c7b0a337093196d08076af

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_m68k.deb
      Size/MD5 checksum:   746044 07af12e76e683943d028347673b325dc

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_mips.deb
      Size/MD5 checksum:   818708 789e70f91a8b43909790389833f5c2f9

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_mipsel.deb
      Size/MD5 checksum:   811194 6f27ce39b1d79d49992ae66e6fc45b13

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_powerpc.deb
      Size/MD5 checksum:   799932 f7f6e5df3d35a4e24ef714a02300bb89

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_s390.deb
      Size/MD5 checksum:   776202 0c511feed7677d69e5e9b901239c25e0

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge5_sparc.deb
      Size/MD5 checksum:   763980 90c9205b4bc9b61b46d8d46c09e74b83


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFE0NFDW5ql+IAeqTIRAgiMAKCwmRMFU8xGjhI4x1PIdheeLKxFAQCgs3pU
rbZd04m1abOmaJXU6vDNBgg=
=pThg
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F43007)

Debian Linux Security Advisory 936-1 (PacketStormID:F43007)
2006-01-12 00:00:00
Debian  debian.org
advisory,denial of service,overflow,arbitrary
linux,debian
CVE-2005-3191,CVE-2005-3192,CVE-2005-3193,CVE-2005-2097,CVE-2005-3624,CVE-2005-3625,CVE-2005-3626,CVE-2005-3627,CVE-2005-3628
[点击下载]

Debian Security Advisory DSA 936-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from files, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 936-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
January 11th, 2006                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : libextractor
Vulnerability  : buffer overflows
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-2097
                 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627
                 CVE-2005-3628

"infamous41md" and Chris Evans discovered several heap based buffer
overflows in xpdf, the Portable Document Format (PDF) suite, which is
also present in libextractor, a library to extract arbitrary meta-data
from files, and which can lead to a denial of service by crashing the
application or possibly to the execution of arbitrary code.

The old stable distribution (woody) does not contain libextractor
packages.

For the stable distribution (sarge) these problems have been fixed in
version 0.4.2-2sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 0.5.8-1.

We recommend that you upgrade your libextractor packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge2.dsc
      Size/MD5 checksum:      778 6906857074772199e2a8a892feb3aae2
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge2.diff.gz
      Size/MD5 checksum:     6345 c214699bde0bfad501cede35488b4f09
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2.orig.tar.gz
      Size/MD5 checksum:  5887095 d99e1b13a017d39700e376a0edbf7ba2

  Alpha architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_alpha.deb
      Size/MD5 checksum:    19424 59bb8cddd5c80fb1cba57796b9445dab
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_alpha.deb
      Size/MD5 checksum:  5804676 9942575a95cb97dfcae26b156dca7a58
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_alpha.deb
      Size/MD5 checksum:    19204 fed48ebb930e6a7d3484bd75c8263a81

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_amd64.deb
      Size/MD5 checksum:    18098 7d4a40679062c4d2d70f9c08dc785559
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_amd64.deb
      Size/MD5 checksum:  5641300 ff1bac0e15d1a6ff630a6ced168e284f
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_amd64.deb
      Size/MD5 checksum:    17364 54dd55236286550d6cadc8dbb3df9ccd

  ARM architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_arm.deb
      Size/MD5 checksum:    17480 aa541fc867f51588b676aa23d34e25a8
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_arm.deb
      Size/MD5 checksum:  5710616 ed153d5e88e899f4e27ae5a67c5e45d0
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_arm.deb
      Size/MD5 checksum:    16784 7a7f73139e8c0c62187179e993734932

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_i386.deb
      Size/MD5 checksum:    17624 5419b495e3df96a658e1323c83f7faf9
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_i386.deb
      Size/MD5 checksum:  5713300 1bc2a3ab8b321b543a1ae92590e76f8b
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_i386.deb
      Size/MD5 checksum:    16546 71e4044ff8d923cd56d4bb046be1b37f

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_ia64.deb
      Size/MD5 checksum:    20404 cdea8cf2f6cd2b8a761ccca2a2d85421
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_ia64.deb
      Size/MD5 checksum:  5905266 98f5de1716817b660791a92d5ee7c6a6
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_ia64.deb
      Size/MD5 checksum:    19140 d780e22f3cd6c6204de3db711f068dcd

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_hppa.deb
      Size/MD5 checksum:    18560 70ae8b43a0cd581a36a8097fc94c2172
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_hppa.deb
      Size/MD5 checksum:  5687318 a241f7e800ac5cbd7f45fdafeae267ac
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_hppa.deb
      Size/MD5 checksum:    17710 c1848801758081872515d88f86938537

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_m68k.deb
      Size/MD5 checksum:    17184 d64fcc89500919e03805e47dbb9eca52
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_m68k.deb
      Size/MD5 checksum:  5708190 0d20df48cd437a99544bf748a1c89ea9
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_m68k.deb
      Size/MD5 checksum:    16404 0e47447d4b7007d4016c32a81f2b66f4

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_mips.deb
      Size/MD5 checksum:    18416 38f460cbf16a6c2a3c735c5a6545013a
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_mips.deb
      Size/MD5 checksum:  5729074 76787645b83e4438fc79325410114c99
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_mips.deb
      Size/MD5 checksum:    17700 8cbf4e1556b59d982589d27e5af1211e

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_mipsel.deb
      Size/MD5 checksum:    18460 dfaad60fd479b74c72c46680d92c5920
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_mipsel.deb
      Size/MD5 checksum:  5726846 0d9ad0d53eddd3503cdc2fce6b118595
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_mipsel.deb
      Size/MD5 checksum:    17734 a74a4df56930cd6e1ec289a714fe2225

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_powerpc.deb
      Size/MD5 checksum:    19600 0fbb4093db271d5924d8e1fb81d0c5c3
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_powerpc.deb
      Size/MD5 checksum:  5677812 543192c6a5b6b89fdc0cc0c5b3f2befe
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_powerpc.deb
      Size/MD5 checksum:    17556 bd868a198744609509201e7af0e33ab9

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_s390.deb
      Size/MD5 checksum:    17974 f16109dd971b139abc8a2194731e33c8
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_s390.deb
      Size/MD5 checksum:  5768028 dfda84e8d1a0e53794418a77a09d801f
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_s390.deb
      Size/MD5 checksum:    17918 da3bb3df7f86443b1f36ed4b5bcc0113

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge2_sparc.deb
      Size/MD5 checksum:    17480 1ef23c92384723ab64b315b7d8d51089
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge2_sparc.deb
      Size/MD5 checksum:  5752164 91a3ad11d2f029e99955b2c54088e034
    http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge2_sparc.deb
      Size/MD5 checksum:    16696 87e4150b6738d9921728a1e594bc4904


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDxMoyW5ql+IAeqTIRAoa3AJ4wdQARyff9H2Mjm+0DBiZr4i2HXACfT3tc
/HQ6b6/FOirsuLBIBvIWdew=
=McFo
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息 (F39543)

Debian Linux Security Advisory 780-1 (PacketStormID:F39543)
2005-08-24 00:00:00
Debian  debian.org
advisory
linux,debian
CVE-2005-2097
[点击下载]

Debian Security Advisory DSA 780-1 - A bug has been discovered in the font handling code in xpdf, which is also present in kpdf, the PDF viewer for KDE. A specially crafted PDF file could cause infinite resource consumption, in terms of both CPU and disk space.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 780-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
August 22nd, 2005                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : kdegraphics
Vulnerability  : wrong input sanitising
Problem-Type   : local (remote)
Debian-specific: no
CVE ID         : CAN-2005-2097

A bug has been discovered in the font handling code in xpdf, which is
also present in kpdf, the PDF viewer for KDE.  A specially crafted PDF
file could cause infinite resource consumption, in terms of both CPU
and disk space.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in
version 3.3.2-2sarge1.

For the unstable distribution (sid) this problem will be fixed as soon
as the necessary libraries have made their C++ ABI transition.

We recommend that you upgrade your kpdf package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge1.dsc
      Size/MD5 checksum:     1317 ebc131e766736e637b2e30151dee6a6d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge1.diff.gz
      Size/MD5 checksum:   156211 5d067cd9bc49c92cb7ff7ab98547e23e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2.orig.tar.gz
      Size/MD5 checksum:  7661488 6d0bb2c6e2e2f666d123778fbc520317

  Architecture independent components:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge1_all.deb
      Size/MD5 checksum:    17486 9600d747c831ded3133f24e8fa01047d

  Alpha architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:    92356 4c27e2725daa34b6fb07d6116b88ce5b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   108972 f5cda9ddad026dbcee8540d8424adb18
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:    64878 c3117b2b078b60bb9334abf0d4f67008
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   276102 851cb0bdf23b1f4cd0fd02ca0fcb74e5
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   497444 46c1eddc4353d110a2ad28cee9d1ac8b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   149196 10d492126b04fdf42b97f9c9844e5bfe
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:    92818 104aa6a68ef4cde228cce3d743c168f4
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   245808 789f67ae1a03118d18c529ae5f14a2b6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   159402 d9048b984c10f5c100b790ab897289f2
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   244430 0bcf5aed02cc7d2e2f686cde7e978276
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   831072 cd18f57535cf1d312b703195d396e291
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   773948 edc09d16e385f33b01eca8f9b6e48a58
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   533544 8067051311d0097925f3af26c6294584
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:  2317434 5ce4f90805dfa611a4aa227865986699
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:    63278 a89aa5eb359a1adfa1f7e1915748d870
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   102972 2b985ab5814c9ade0534d863317f4aa4
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:  1357518 165a6c673b0e33afbea05acc70bf39e3
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   483676 cd5261b36df303d20117a8e825e95bc8
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   695300 9e0733ad5df4938a625a8cbaff21ef8d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   183748 0fd1d18659e24f3c8f89d7b4995f39d6
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:    32988 29faf48a61b1b1c84128266bc2ffa5c0
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_alpha.deb
      Size/MD5 checksum:   148100 75b6adc0628036a33ff1d51efdc189aa

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:    87822 9b70fbc748a9f68e3a5a0f368f3e1ddd
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   100170 52654d65b477a8710d3fae0b05780044
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:    64866 15e1090f2d6df0285e8292500cba399d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   252012 a142a51484236f807cbbb6c56044c67f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   485570 30eddb1e715932a7d0f81ee2cf7de05f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   144764 2908552d351bf72d8fda19a6b90fc590
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:    87740 1db646408a94a7e300d75c1ee02e79d8
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   233808 103e4e6cff812c6ff7d42d7ad3488c13
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   143346 7a64fd82ffe7e711e48786fd309d6e6b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   233772 4bf40313e69524fc332085d433d5159c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   767846 7530fbe924a8b3b3c23b9292c317cc63
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   759514 2613924ca4b572a529cf66457470641c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   485156 23079b6afb891ad7c67d993769e1032b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:  2233214 6b209ef37d36fc05c93da3d2a76a86b3
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:    62948 0d5e479c4666c5846d702acfb56148bd
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:    99710 2646c4a54dec994a965206db747171c8
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:  1223308 5a7fd59c6e9d4776496e2d725fbed82f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   477530 5b57d3556fe792dcf4c0e007540159f7
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   678468 68dd6c149c823ff56fc5b57e4229706f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   173086 c9dcda7de7b5ad7e3a1508fedc75ad8a
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:    32994 b3588ac77645aef9cc92a83540730346
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_amd64.deb
      Size/MD5 checksum:   140022 22f630ee494bc7eb519bcc14313d5e4a

  ARM architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:    82250 baa085ea19330e84a3abd94515f7d168
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:    88270 de3365d10776d55e1c1620446d981dc6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:    64878 90c7b3c1a7582132eb0603d68168a1b4
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   222850 0978d21e0a96f692b8baba4114ee7baf
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   471158 918fba19e1e109ac537c68249fa7a593
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   137128 70a843a27e9eea52cf64e05387fd23e9
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:    84842 5249716c2180c3a5edb9003d55c3e8d4
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   217360 74506141d685fed97522bab470398d6b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   127438 48c96cd302fa42b8dd8496a1be98715b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   210156 1e7ad00b372fedcda81819c359b9ae93
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   712084 a8e1401f9bc24bc6539576cefecdbab8
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   739560 03766cf0162fcef8770f30e9f4c78109
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   423288 528e4c9ebfb6b8a8ba551e74e5f2c998
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:  2095070 2c348b48f42318daa7b0b8fb07057257
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:    59132 bfe30049a7e51439cacf0866381de862
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:    93222 0e7e96628b9b435bb83a36bb0e75ad2b
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:  1310338 350d11c901c66df3091b6f479eddfc9d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   465346 006f11dc8480026403d19d7b0ee6026f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   641186 67ae9d88bd380387cdf07b02e30b68b2
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   155020 7f6f38fdc117b74fb6b5bc69f760dfd7
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:    32988 24b564b6b4141c41bce3117a2701cec8
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_arm.deb
      Size/MD5 checksum:   124092 a99ee9bb137695753f695d0da022e82b

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:    85780 0b9e0deed6bcab59e670dcf2760308e6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:    95314 97ac302e5db1dfcdf2fe46855e26dd2a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:    64864 620508089c05d1b0456e1a5db2430db6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   221892 2fcffb325ac45d375ff1c4c7fda70c58
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   483818 e45b8ea73f0c13ae42b179c2fa5aa7d8
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   140348 f54982596f6c3a4bd964a00d4d0dc5f7
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:    85740 9f4464544e5b2896fdd42099c1c86055
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   227328 be30e2999fb858c6e847dcf36887b698
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   135762 6e79cfe95f146487c7ce6de512cec79d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   221624 55e6379db91b99e88e73b4840723a8fa
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   748206 253c62defc69c4e69309162911a4bda2
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   750498 6e3161933baab955b5b36549b7d27334
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   454320 b4fdb5150ee80ebe04479352b242d9bc
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:  2205602 6a44f65836b3d118b12528d9d9afb0d7
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:    62410 225ebbf024611ebce3279c0b9e2bef51
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:    97088 1054e3ed216b5035f03d3cabe1010dae
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:  1220680 272d37d7cfcd602de64f6fa244c543ff
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   471924 83fe637bc5d26ade669c418b0af93349
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   643350 beeb0328d200bc76156d5c4906e1402c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   166782 21425caeb998dd65bde7294f61742d92
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:    32978 1b9385e4a9c8cb8ac4ff699dc9f5d607
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_i386.deb
      Size/MD5 checksum:   134396 bfe4a49fe1c48db380785a508def451c

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   102276 7943e7d79593c34fce37c1159d5cf30d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   117668 16e8c83cc8bac934cd6417558f48a865
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:    64862 3a0bb2ffe69f7b9ebcad173b3d4f454a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   322810 096f9b6fc92f07ffc5324412192e2fb0
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   540486 e7636ee1c96f011c99b3bdda0f454ca1
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   159954 f05d11d592b614a1d5a63775572761d6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   103796 d0464c7c06329341264a46aa7c70fafd
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   280668 a688c33a6aec49d8f2d160b659c6389e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   176048 feaa27c1b0c4b0bff24089f21f659866
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   277174 bf70614f4124c05106ef38de41b309ad
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   888280 1f0db827084157085cc0954347e6b171
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   798870 55a2f927e0deb69d76a588dae8c72965
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   627928 eea827b424a36172321aca0789de8afc
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:  2537722 8b0dc4b6f1c76e08856f42350552ff4e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:    67638 1b9045214e78444184b7683a4f91a586
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   108022 31e80a57966978d153ebd8098790aaff
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:  1417004 c13497b6acc7dd6930a1edca8fd09d3d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   501472 5a3191e0e8deeb9c56fcb06ed58f4643
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   730606 f7043373440068b8914afe2baa5daa54
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   205628 5c60f9c851df54ed0a09ca5185166636
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:    32976 130ba280d27394752188d1d90dbe3c3e
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_ia64.deb
      Size/MD5 checksum:   170370 64acfb358a86e9a06f69cc4ea73122b1

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:    93096 d38c27b5506f93ec96f948727cc9baa0
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   101112 bded9edb4b753643dfbcc974b99d6b1d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:    64882 39c979ec183f2594d2b52af9224fe29b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   270810 8be38e93f342a784fcc9c48f8d410f4a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   505280 7557e2ced9d452771b3c623e30f9b04c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   146084 6ea6d794e0598b824e73e6d47782e95e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:    93092 3a8fa68467154912e47893eaa801c83d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   250044 c93ea94728bb1f3547b711d344dc24b9
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   146234 9d9b89cd7a246a9f615df71d3d4b1046
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   245892 4fec5f17c12ba0e408bd0b0057a51a3b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   796792 f9c5b7213420aab5c4f50e90e23e94dd
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   757362 ec9ea8880050908af8aaa5080f9c177f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   534422 9b4b618a81360b5491462c8761c5927f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:  2371418 b263190d09768f93297e46cc18e61f0e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:    61278 e9f36a960a51c9905b2e1a8bf4b66f0d
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:    99074 8b39b0e6e134a000c270fde8c9957000
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:  1562880 7184dab40b2b41156b65fb7bf4bd50f5
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   484934 e13e6905bc9ac970ccafce9c91a0a96e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   700724 b4634e9d684b3f19a3cba397e535c624
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   183716 f4c153855d51c551d231898ab0b33aa7
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:    32990 952b03303720e7c2502051a2625b98c3
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_hppa.deb
      Size/MD5 checksum:   147872 08519cd71aff44a3ef78736d3f68320e

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:    85230 3040f0a7f66b4bf7f14b52e9acfa91ca
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:    90964 3407d1ccfc1fd93229dab1eb72a34e65
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:    64908 5ef8a19cadca3c38401611b243bc3d47
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   229406 9fb15bce4479875807ffe0585187b6b3
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   476834 0b3ec79283328c3b4249deaf6ab9b80c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   138420 8f6149a1743bb04c6337328b07634f73
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:    85060 486d146f89c6c1c8c4b70afa3785db48
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   229240 fa420ebaf217142fb583efa5ae59a228
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   128490 323645c377ce97f149a9e78f43e2f9e9
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   223438 3c4f4d0c11c07304cfad7b8581c2dcb7
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   704958 fc851084f01843e18402820f5ac2bb8e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   743020 fe1a6b7676ad3d5dcf36f982dbb0d554
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   446880 fe7bf58dcbe5faf3866cf036d41f7c47
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:  2148644 00b8c80b12a74297b7de146e34eb33da
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:    61148 861d3abf2cec8f3aee4965e05b6fa202
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:    96492 653f26d8548d7084ef1bb224d292123c
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:  1315818 5e938eaf20fd5470c8980316c5876199
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   475692 ffea8216d80fdb00cc9c80afa6d97f9c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   682378 8b7fd3e5440812f15017affb527c564a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   166130 4e372046b447daae596c08e0fafdf080
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:    33004 05e93f6e5a82c03ab2203dd71a680741
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_m68k.deb
      Size/MD5 checksum:   133822 fe651394adaac7f5b3def2b4525927db

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:    79588 320ba0454eb9e8f1e9a483afe399ce6a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   102400 f3e438dac8d4f2d1a05f8b92999b4ee8
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:    64876 1672a7f2272c716d00cbc21c02cecd1c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   217786 cec5fd2f96408b43c4dbbacac292e6e6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   460916 6b371e06097c9e3838d8585d736435a2
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   140418 8a276f8fd9fc89db59745696e4e58d58
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:    81714 f1708aff28fe181b97ac5cc1b951e136
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   215620 5f29d8e3f74702b68a63fb78171c526b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   146072 2dce253a63aa782f199df2f911fbc7c0
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   203910 6ca8cc54360ed49620385ab2e9a829a7
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   787874 f11abbe9095a2b591749ecbbc13ba513
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   756042 b2bf9e8f6bb356068907b74f2caded32
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   455090 a86a475488df75d136121ce304df3181
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:  2057250 a4d702b4ff8fd54ac3a262865149be8f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:    59144 f4b88416a21e24c331d7316a146d9c73
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:    97620 4df70ac97b5e757bd416d553c48f4b94
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:  1126910 73dc17f6e937d8ffd1d5501450afa2e9
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   463526 8654998c9ed3ce8c5258c017655ec70c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   649620 d6329d53115728e9cee4768b4175806f
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   156680 f9ae5b8328100bf48d3f07423ffd9f42
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:    32994 e022e06fc47d21efad8b685d4813c1bb
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_mips.deb
      Size/MD5 checksum:   124426 cd29a2aa6b1ee6b8e00901b3b526cf37

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:    78940 c4b8c8a2e7b1001dd18d7daa11c7b3d0
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   101482 36d3640c5c2a21943020ac8b93a0eed6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:    64876 a778abe63cd4f5a8d62549bed4db3095
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   215718 edcc26b455a5d02d4cc9091fb85618a6
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   459532 6000a088add7baa74be611a1bc3767d3
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   139428 6c05ed943a63af873cd146a5e736e712
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:    81244 5c09e46538b536695705ed69f5237d82
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   213098 d5954f887dd74d0a7d7dc08eb39918ab
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   144418 e593de07d81e7a2092b575cd42aae48c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   201506 19c01b98e37656aeaf19ed5d7e5a8247
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   785098 a0443b6d1f2773078d9a3ad84543c92e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   754142 6673724060c082355cda60221bde6c46
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   446138 f819386cd621c72aafb09a34e3144461
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:  2045876 0956e236ace9fb7ce7f793a42a9219d9
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:    58940 f81b3569e14fdf5cf4c2edf229fd3c58
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:    97060 0b5ebfc3a37a80aa4c93d09d0ce043e5
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:  1101628 e5307ba00875593a9112a8e30b06a88c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   461734 34e7ae162e22fa71f6fc9fea69ea38f9
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   647112 e88c39705646803cc708b917cc8731ec
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   154552 01fc99c1813bc2f27f6ed13f372fbd91
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:    32994 2a97a9b8bc15ba1aad2aa76fd1091058
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_mipsel.deb
      Size/MD5 checksum:   122262 25f9a25485f7b0043aab4e96f8c957ab

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:    84522 0617f2a2fe79050cbcd5c0433eedb574
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:    94448 516a319c0c18330abadb82909381ebed
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:    64874 380e4550895d3fadcd4f3c38ec7220c7
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   249430 17f00270dace7349c321b60de40e3468
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   474482 dda4fb9b4e16a8b89baa7cd73e91a855
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   140562 a37db7a33179632530023b5131dc303b
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:    85044 723018269d7e73d1455c42bb949c1768
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   224698 b6111fce26efd57be09d60651da5f06a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   132408 5b14c8db5bc18ba694e39fd538a6a52e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   222062 f7d77920b4e7f8cb17cfac598a17e651
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   725218 a4b7060974a5d7e66f1a22a5647a8943
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   744026 6ee3f53591229aa0a51b206d29f7a2b1
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   463888 cb328f7734f828bfdafce5e9adee7b44
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:  2142194 28078f8a60724c07ae1ed22a4c2a1228
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:    60900 3a900ba50b543f5c68a7ccbda282f0f7
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:    95412 e613520b6600ba2b32c74329aee39fce
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:  1190936 7455b476d5a6ce576dd533d45feb8d18
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   470052 4f4180ad347d8b0fe1107ab77855cfb3
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   676116 3480412ada6f951989fb7febfe76a477
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   161618 5279d08eeedae2b40b2840f7c56530e3
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:    32994 c499e55139c0fd45936553b6758070e7
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_powerpc.deb
      Size/MD5 checksum:   132134 668beb1bc70785025540c3a3d0645079

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:    89736 7c15f232d98f4dda0777459e8f0f6c9a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:    98204 fcadd968fe6a1b1997d7e429f9fdb650
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:    64886 ad0a3a89d75c1640a907dbe1213c7cbd
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   236354 beda8d86130a8c7a17a41347e55374c8
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   484838 60237ce47ec2423ae10bf3eeb0789832
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   145274 f46a5698b53dfd97432a6099acc60d7d
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:    87022 3d9ba22c0088ad1ee9de4b3ebce790ab
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   243994 dfbb12197898760c72b51d6f82c1f0e2
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   140706 827b336106370c0d23774360b199a559
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   239570 b131f59238085a6c150e77f8eaaf1a53
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   765814 9e90d82ee36e8e981706380edfc9c305
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   755476 7ffc4741649f07d6fb5e3d90fc5b6aaa
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   495884 cce1b4d0b29d6dc078ee6bcbae2590fb
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:  2195546 1a3d8fa2745f03f9402afa32d32a0dc4
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:    62930 cc788509b94f7d0a57bdfc2ac064e27c
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   100612 a3a3c5e08e897420a9ccd9a727ac5c03
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:  1192422 971bc9b9538a9b260e417345a4eed8f5
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   481556 546615b8b19d828d0efb8bb56190d125
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   682606 ac4dd3ad2e14a2f5bfc9afb76632c44a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   176528 61bc8c16536e23d9773d944c939e2b49
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:    32996 c87893ae398552624923d9754f6b04b1
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_s390.deb
      Size/MD5 checksum:   142084 7370c1b25e69613a67e35241ba9069cc

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:    82148 e50dba5cc6e0b7e797da9e433588639c
    http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:    90598 e5500b0a121d7174ffe679508ddb678e
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:    64882 bcb34167497b09494ea322ee940cde4a
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   219056 fb9175c22e4deb27e90cac82c5435664
    http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   477400 f6977c7e0665a7d29f00e1650aa15112
    http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   137828 3923fcaf462f186ec91f3ddc202caceb
    http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:    83088 e63c234c8b89c7285982132706985602
    http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   223650 970d8542a751276c909f278e9b9ca6de
    http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   130392 97d0bfdb0e38e42ccb4050ac0e3d47cc
    http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   213450 84f231185dabc68bcb559af0b35162ab
    http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   714028 88f93090d95e279aaf7b38babfc076d0
    http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   743910 dff4d2991ab5362385544efad3a1e738
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   450642 c536522c3840cf8b34126c446ce68742
    http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:  2142452 48ef73ee9308053a61fce78b39db5216
    http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:    60052 abaf5f039ce2e023813ab9eece9dbc61
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:    94976 9122cbb5dc7fee95b4368bbc3ceed05c
    http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:  1175106 39afbc8da08d463daa645011fdaec3fe
    http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   469076 eeac80b33806103b9a8d18ed0d4c5f40
    http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   639578 7d3cb4797f6cb158b2205d05e9914695
    http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   160172 c10f53d6c2cbf50c8d6ae2d3b099b030
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:    32994 9309c7b9d6ffbaf26742a4db7812cdbc
    http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge1_sparc.deb
      Size/MD5 checksum:   128624 95cc552be640dc74963663358b917d24


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDCZ1JW5ql+IAeqTIRAlqXAJ4txZKBmLHWnasm9h83mfaDU/b5HACdH3dX
K72LMz+gjJ9ipSULvUtKZkc=
=NYrR
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息 (F39422)

Gentoo Linux Security Advisory 200508-8 (PacketStormID:F39422)
2005-08-17 00:00:00
Gentoo  security.gentoo.org
advisory
linux,gentoo
CVE-2005-2097
[点击下载]

Gentoo Linux Security Advisory GLSA 200508-08 - Xpdf, Kpdf and GPdf do not handle a broken table of embedded TrueType fonts correctly. After detecting such a table, Xpdf, Kpdf and GPdf attempt to reconstruct the information in it by decoding the PDF file, which causes the generation of a huge temporary file. Versions less than 3.00-r10 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200508-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Xpdf, Kpdf, GPdf: Denial of Service vulnerability
      Date: August 16, 2005
      Bugs: #99769, #100263, #100265
        ID: 200508-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Xpdf, Kpdf and GPdf may crash as a result of a Denial of Service
vulnerability.

Background
==========

Xpdf, Kpdf and GPdf are PDF file viewers that run under the X Window
System. Kpdf and GPdf both contain Xpdf code. Kpdf is also part of
kdegraphics.

Affected packages
=================

    -------------------------------------------------------------------
     Package               /   Vulnerable   /               Unaffected
    -------------------------------------------------------------------
  1  app-text/xpdf             < 3.00-r10                  >= 3.00-r10
  2  kde-base/kdegraphics      < 3.3.2-r3                  >= 3.3.2-r3
  3  kde-base/kpdf             < 3.4.1-r1                  >= 3.4.1-r1
  4  app-text/gpdf             < 2.10.0-r1                >= 2.10.0-r1
    -------------------------------------------------------------------
     4 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Xpdf, Kpdf and GPdf do not handle a broken table of embedded TrueType
fonts correctly. After detecting such a table, Xpdf, Kpdf and GPdf
attempt to reconstruct the information in it by decoding the PDF file,
which causes the generation of a huge temporary file.

Impact
======

A remote attacker may cause a Denial of Service by creating a specially
crafted PDF file, sending it to a CUPS printing system (which uses
Xpdf), or by enticing a user to open it in Xpdf, Kpdf, or GPdf.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Xpdf users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/xpdf-3.00-r10"

All GPdf users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/gpdf-2.10.0-r1"

All Kpdf users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=kde-base/kdegraphics-3.3.2-r3"

All KDE Split Ebuild Kpdf users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=kde-base/kpdf-3.4.1-r1"

References
==========

  [ 1 ] CAN-2005-2097
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2097

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200508-08.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0
    

- 漏洞信息 (F39208)

KDE Security Advisory 2005-08-09.1 (PacketStormID:F39208)
2005-08-11 00:00:00
KDE Desktop  kde.org
advisory
CVE-2005-2097
[点击下载]

KDE Security Advisory: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a vulnerability that causes it to write a file in $TMPDIR with almost infinite size, which can severly impact system performance. Systems affected are KDE 3.3.1 up to and including KDE 3.4.1.

KDE Security Advisory: kpdf temp file writing DoS vulnerability
Original Release Date: 2005-08-09
URL: http://www.kde.org/info/security/advisory-20050809-1.txt

0. References
        CAN-2005-2097


1. Systems affected:

        KDE 3.3.1 up to including KDE 3.4.1.


2. Overview:

        kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
        a vulnerability that causes it to write a file in $TMPDIR with
        almost infinite size, which can severly impact system performance.


3. Impact:

        Remotely supplied pdf files can be used to fill up all available
        disk space when opened with kpdf.


4. Solution:

        Source code patches have been made available which fix these
        vulnerabilities. Contact your OS vendor / binary package provider
        for information about how to obtain updated binary packages.


5. Patch:

        Patch for KDE 3.3.1 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        fc6fc7fa6886d6ff19037e7547846990  post-3.3.1-kdegraphics-4.diff

        Patch for KDE 3.4.1 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        fc6fc7fa6886d6ff19037e7547846990  post-3.4.1-kdegraphics-4.diff


    

- 漏洞信息 (F39189)

Ubuntu Security Notice 163-1 (PacketStormID:F39189)
2005-08-10 00:00:00
Ubuntu  ubuntu.com
advisory
linux,ubuntu
CVE-2005-2097
[点击下载]

Ubuntu Security Notice USN-163-1 - xpdf and kpdf does not sufficiently verify the validity of the loca table in PDF files, a table that contains glyph description information for embedded TrueType fonts.

===========================================================
Ubuntu Security Notice USN-163-1	    August 09, 2005
xpdf vulnerability
CAN-2005-2097
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

xpdf-reader
xpdf-utils
kpdf

The problem can be corrected by upgrading the affected package to
version 3.00-8ubuntu1.5 (for Ubuntu 4.10), or 3.00-11ubuntu3.1
(xpdf-reader and xpdf-utils for Ubuntu 5.04) and 4:3.4.0-0ubuntu3.1
(kpdf for Ubuntu 5.04).  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

xpdf and kpdf did not sufficiently verify the validity of the "loca"
table in PDF files, a table that contains glyph description
information for embedded TrueType fonts. After detecting the broken
table, xpdf attempted to reconstruct the information in it, which
caused the generation of a huge temporary file that quickly filled up
available disk space and rendered the application unresponsive.

The CUPS printing system in Ubuntu 5.04 uses the xpdf-utils package to
convert PDF files to PostScript. By attempting to print such a crafted
PDF file, a remote attacker could cause a Denial of Service in a print
server. The CUPS system in Ubuntu 4.10 is not vulnerable against this
attack.


Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00-11ubuntu3.1.diff.gz
      Size/MD5:    49233 4cd029c1e95456692b26dcfdb6d53ce8
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00-11ubuntu3.1.dsc
      Size/MD5:      798 bcb68e7e2d6af0bc9e67f87124ac8bda
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00.orig.tar.gz
      Size/MD5:   534697 95294cef3031dd68e65f331e8750b2c2

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-common_3.00-11ubuntu3.1_all.deb
      Size/MD5:    56848 14aa94843443c88cb173285fad7f22e0
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00-11ubuntu3.1_all.deb
      Size/MD5:     1278 7cb9919819da78b2fd00dcae61bb8c46

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-reader_3.00-11ubuntu3.1_amd64.deb
      Size/MD5:   667122 d63c5a97a615fc4f6996eb1c0e0db8d4
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-utils_3.00-11ubuntu3.1_amd64.deb
      Size/MD5:  1271460 ba0726cc5834f5c2484241ba3a708a18

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-reader_3.00-11ubuntu3.1_i386.deb
      Size/MD5:   631952 4b765c67380a65b3495411cfae390a76
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-utils_3.00-11ubuntu3.1_i386.deb
      Size/MD5:  1193432 1c81c58d022a9fc295121d7e3015bda3

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-reader_3.00-11ubuntu3.1_powerpc.deb
      Size/MD5:   693470 7b484b13228992748cc7005fd6aba632
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-utils_3.00-11ubuntu3.1_powerpc.deb
      Size/MD5:  1311586 8f8dcd99c4de8d58985caa4e3c0e7f8f

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00-8ubuntu1.5.diff.gz
      Size/MD5:    48457 66dae2ebe77d6c534341081053de0ad4
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00-8ubuntu1.5.dsc
      Size/MD5:      788 416e2f1981d1ee9ee840fea169647dd5
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00.orig.tar.gz
      Size/MD5:   534697 95294cef3031dd68e65f331e8750b2c2
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.4.0-0ubuntu3.1.diff.gz
      Size/MD5:   154890 bc6483123ff12803fffe3aa2bda692d3
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.4.0-0ubuntu3.1.dsc
      Size/MD5:     1373 7a956fb702674a455d412820e0451495
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.4.0.orig.tar.gz
      Size/MD5:  8099991 c60ab0a0d727701144b5342dcbee201a

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-common_3.00-8ubuntu1.5_all.deb
      Size/MD5:    56544 3d224afc953de8a9b435442e660605ee
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf_3.00-8ubuntu1.5_all.deb
      Size/MD5:     1276 9005b58cff86bb092a9517f5f23922a4
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.4.0-0ubuntu3.1_all.deb
      Size/MD5:    10300 ec94e5f36fb820b7d4bac5cd2ac33534

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-reader_3.00-8ubuntu1.5_amd64.deb
      Size/MD5:   666982 fac1e20d36a73d5ce7fd9ab14687e334
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-utils_3.00-8ubuntu1.5_amd64.deb
      Size/MD5:  1271400 7a81fc269ab824bbd33a229c77dceaad
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:    81916 ba96be6d955eea5a25f243099b96fc98
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:    93520 af0a0643f8e6239dca5ebfabb7542279
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics-dev_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:    58796 56d634ffdf6a30b2b1f6befe87284c7b
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   264398 a76e455377a8186876e92b637ba4d812
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   504812 39329ab1c8c37c7e20fc3586ca34dc1e
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   142990 f5f4425b604a830058e0e1dc858a8f1d
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kgamma_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:    76088 7cacd1083ecc2af8bbd8c74bfd4e6e0f
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   231168 d5e0053c78445904724f39dd577f5053
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   137534 bb441cb229f3fbdd86da8784d7c6c75f
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   227596 0b0bc954f8723130a145bf1ee70168f5
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kolourpaint_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   798720 831c2bfa32699f271a0fed894f271c0f
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   753156 278e9b51ac65ee737692d49ca65fb5e0
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   657458 50e033dc500e0186702419239dd9536c
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kpovmodeler_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:  2239588 1db84a1b3b77b69b50b2902746411fb1
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:    56308 209b274d36be561c22705578e1bc7656
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   132142 3762b1853a272edce602dddf68d57a7c
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:  1216632 899ceb59f17a0163b78bd8d5cf48eca3
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kuickshow_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   471318 39e2e4c6a32ecdf4021e7e0a9ad9530a
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kview_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   685498 a16981238b4a1d0041fa43a3b743424f
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kviewshell_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   255776 e3a8bde867881d5de2403aee14722597
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/libkscan-dev_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:     9700 fb007ba8f7cb7a94e77eb2daa20348f0
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.4.0-0ubuntu3.1_amd64.deb
      Size/MD5:   133834 ffc81571e412551c39b1cad094d0b9a3

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-reader_3.00-8ubuntu1.5_i386.deb
      Size/MD5:   631920 01510acbcd8381c6606e6e1c00b0ea0e
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-utils_3.00-8ubuntu1.5_i386.deb
      Size/MD5:  1193890 b757f37d5108f0aa597490dc399c33ff
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:    78352 311f0453459518f68031a60b4633643a
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:    86298 5ef24892b3707c4e3992275da924a4a0
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics-dev_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:    58798 2d4eeecf709b0d0c08924710158ccfe2
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   221794 9a6304ce578d798d86abbb324bcda58c
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   495944 2304daead52107020e668044373d794e
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   135958 9892ecb3e9f604b2327113ad2b9dfa5a
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kgamma_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:    73232 50089e6ec7b1acfac746d492cda20beb
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   220250 f47201168e9c6e2cd3ff618b3577c2fe
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   126060 ef39bd9a675e8e7201f42c06ad224f59
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   210146 d95c29cd7b0b33d3bc1ff3538f0989d4
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kolourpaint_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   766914 cade32ee0e0832ecbf2d358baa04dade
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   738262 107240bf57ce6d381305094289616124
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   611796 9c2cce47121d9ac7f456e92024fc1d5a
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kpovmodeler_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:  2168772 8fee82a345bea676764cd9373c60d802
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:    54816 4de21ab1116d2fe44b3063284742a542
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   128778 f40d74f86c84c3c02dc032133f022b69
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:  1195566 018488d1d644a30a4eab558b36ab58db
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kuickshow_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   463408 b1f830fcfae3200986b32dd6088abad7
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kview_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   648282 dc4d632c41f0f49f183c9e1388b8354a
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kviewshell_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   237694 7747872b0920530b186ca884208566c7
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/libkscan-dev_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:     9696 00a5c7cd8fe7c6c42ad4bf961c25d9b8
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.4.0-0ubuntu3.1_i386.deb
      Size/MD5:   125086 c55fe18ca690db7e8583b25ed87570c2

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-reader_3.00-8ubuntu1.5_powerpc.deb
      Size/MD5:   693162 60c5ad23ed7ca7915f4e11aae250db82
    http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/xpdf-utils_3.00-8ubuntu1.5_powerpc.deb
      Size/MD5:  1311540 2b8690e3044f7b88760c5acef63bbcee
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:    79062 6ebe3fd2395a6da4347aab787f9bb33e
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:    88208 3d4c5c33a7fbde54525fec264ac0599f
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics-dev_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:    58808 85c91edda625847e6eeccdb0d2a01e11
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   260346 2ac7795f52efc1c821041284b1e9cf00
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   493320 a6cfdea42e87d5c57c231134288e96de
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   138464 0e1b165ae8abe63c431ed5e050720b52
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kgamma_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:    73874 6b20857f99469b77a539049fcc0c33a4
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   222482 081566f7c026eb2447faec407dfb86d6
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   127262 5d17635f5447882bd3a69338135f2746
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   215724 a8f03074461cd1cb7029104be0f6f536
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kolourpaint_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   756880 b7e2c36791baad6b8d95b0a421ea720f
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   738244 d7d81cbf500bcdbc5ea7513da4aba3c7
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   628970 b4bd7761e217af8b727257a42ec7bc58
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kpovmodeler_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:  2151892 9c15e838f10940a000d82cfcb690ea60
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:    54402 530562c13d720afadca85773f9c8936e
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   128500 29bf768d0f438d74e2d4ce8e3cc3e026
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:  1178820 5c42d32c9e9bd1d32d314473e1e2be8e
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kuickshow_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   465182 2fcd8f23d26ae6c1955fe61c4ce2763b
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kview_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   682210 3c3c96dbdd52a9fc202b8efb16c4efee
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kviewshell_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   238610 c2ead499fb239970ec1f04b92e743af2
    http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/libkscan-dev_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:     9696 2d68e1ebd7b569a7b99398699ec85f5f
    http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.4.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   126898 15908f0ef707a5d6dd7421f9108871b5
    

- 漏洞信息

18666
Xpdf Temporary File Disk Space Consumption DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-08-09 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

XPDF Loca Table Verification Remote Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 14529
Yes No
2005-08-09 12:00:00 2007-08-07 08:54:00
The discoverer of this issue is not currently known.

- 受影响的程序版本

Xpdf Xpdf 3.0 pl3
Xpdf Xpdf 3.0 pl2
Xpdf Xpdf 3.0 0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 10.0
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Red Hat Fedora Core2
+ Red Hat Fedora Core2
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 10.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
+ Ubuntu Ubuntu Linux 4.1 ia32
+ Ubuntu Ubuntu Linux 4.1 ia32
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Turbolinux 10 F...
TurboLinux Personal
TurboLinux Multimedia
Turbolinux Home
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Turbolinux Appliance Server 1.0 Workgroup Edition
Turbolinux Appliance Server 1.0 Hosting Edition
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
Sun Solaris 10.0_x86
Sun Solaris 10.0
SGI ProPack 3.0 SP6
SCO Open Server 6.0
SCO Open Server 5.0.7
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Desktop 4.0
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
KDE KDE 3.4.1
+ Red Hat Fedora Core4
KDE KDE 3.4
KDE KDE 3.3.2
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Debian Linux 3.1
+ Debian Linux 3.1
KDE KDE 3.3.2
KDE KDE 3.3.1
+ Red Hat Fedora Core3
GNOME GPdf 2.8.3
GNOME GPdf 2.8
GNOME GPdf 2.1
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Conectiva Linux 10.0
Avaya Interactive Response 2.0

- 漏洞讨论

The 'xpdf' utility is prone to a remote denial-of-service vulnerability.

The vulnerability presents itself when the application tries to verify the validity of a malformed 'loca' table in PDF files.

This issue can result in disk consumption and can ultimately lead to a denial-of-service condition.

The 'kpdf', 'gpdf', and 'CUPS' utilities are vulnerable to this issue as well.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案

Please see the referenced vendor advisories for information on obtaining fixes.


Sun Solaris 10.0

Turbolinux Turbolinux 10 F...

Turbolinux Home

Sun Solaris 10.0_x86

TurboLinux Personal

TurboLinux Multimedia

Turbolinux Appliance Server Workgroup Edition 1.0

Turbolinux Appliance Server Hosting Edition 1.0

Conectiva Linux 10.0

Turbolinux Turbolinux Server 10.0

Turbolinux Turbolinux Desktop 10.0

GNOME GPdf 2.8

GNOME GPdf 2.8.3

SGI ProPack 3.0 SP6

Xpdf Xpdf 3.0 pl3

Xpdf Xpdf 3.0 0

KDE KDE 3.3.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站