ID DEBIAN_DSA-1008.NASL Type nessus Reporter This script is Copyright (C) 2006-2021 Tenable Network Security, Inc. Modified 2006-10-14T00:00:00
Description
Marcelo Ricardo Leitner noticed that the current patch in DSA
932(CVE-2005-3627 ) for kpdf, the PDF viewer for KDE, does not fix all
buffer overflows, still allowing an attacker to execute arbitrary
code.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-1008. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(22550);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2006-0746");
script_xref(name:"DSA", value:"1008");
script_name(english:"Debian DSA-1008-1 : kdegraphics - buffer overflow");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Marcelo Ricardo Leitner noticed that the current patch in DSA
932(CVE-2005-3627 ) for kpdf, the PDF viewer for KDE, does not fix all
buffer overflows, still allowing an attacker to execute arbitrary
code."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2005-3627"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.debian.org/security/2006/dsa-1008"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the kpdf package.
The old stable distribution (woody) does not contain kpdf packages.
For the stable distribution (sarge) this problem has been fixed in
version 3.3.2-2sarge4."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:kdegraphics");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");
script_set_attribute(attribute:"patch_publication_date", value:"2006/03/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14");
script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/08");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"3.1", prefix:"kamera", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kcoloredit", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kdegraphics", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kdegraphics-dev", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kdegraphics-kfile-plugins", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kdvi", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kfax", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kgamma", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kghostview", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kiconedit", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kmrml", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kolourpaint", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kooka", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kpdf", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kpovmodeler", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kruler", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"ksnapshot", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"ksvg", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kuickshow", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kview", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"kviewshell", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libkscan-dev", reference:"3.3.2-2sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libkscan1", reference:"3.3.2-2sarge4")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "DEBIAN_DSA-1008.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-1008-1 : kdegraphics - buffer overflow", "description": "Marcelo Ricardo Leitner noticed that the current patch in DSA\n932(CVE-2005-3627 ) for kpdf, the PDF viewer for KDE, does not fix all\nbuffer overflows, still allowing an attacker to execute arbitrary\ncode.", "published": "2006-10-14T00:00:00", "modified": "2006-10-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/22550", "reporter": "This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.", "references": ["https://security-tracker.debian.org/tracker/CVE-2005-3627", "http://www.debian.org/security/2006/dsa-1008"], "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "type": "nessus", "lastseen": "2021-01-06T09:44:31", "edition": 25, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3627", "CVE-2006-0746"]}, {"type": "openvas", "idList": ["OPENVAS:56457", "OPENVAS:136141256231056422", "OPENVAS:56077", "OPENVAS:56220", "OPENVAS:56145", "OPENVAS:56221", "OPENVAS:56229", "OPENVAS:56141", "OPENVAS:56142", "OPENVAS:56422"]}, {"type": "nessus", "idList": ["FEDORA_2006-011.NASL", "SLACKWARE_SSA_2006-072-01.NASL", "CENTOS_RHSA-2006-0262.NASL", "REDHAT-RHSA-2006-0262.NASL", "FEDORA_2006-010.NASL", "FEDORA_2006-028.NASL", "FEDORA_2006-026.NASL", "FEDORA_2005-028.NASL", "MANDRAKE_MDKSA-2006-054.NASL", "FEDORA_2005-000.NASL"]}, {"type": "redhat", "idList": ["RHSA-2006:0177", "RHSA-2005:868", "RHSA-2006:0160", "RHSA-2006:0163", "RHSA-2005:840", "RHSA-2006:0262"]}, {"type": "debian", "idList": ["DEBIAN:DSA-937-1:2198C", "DEBIAN:DSA-938-1:98E0B", "DEBIAN:DSA-962-1:55BC9", "DEBIAN:DSA-931-1:51450", "DEBIAN:DSA-961-1:46885", "DEBIAN:DSA-940-1:EE1A6", "DEBIAN:DSA-1008-1:0FC6C", "DEBIAN:DSA-950-1:9CD01", "DEBIAN:DSA-932-1:4933B"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:11253", "SECURITYVULNS:DOC:10913", "SECURITYVULNS:DOC:11776", "SECURITYVULNS:DOC:11258"]}, {"type": "centos", "idList": ["CESA-2006:0160-01", "CESA-2005:868", "CESA-2005:840", "CESA-2006:0262", "CESA-2006:0177", "CESA-2006:0163", "CESA-2006:0160", "CESA-2005:840-01", "CESA-2005:840-02"]}, {"type": "slackware", "idList": ["SSA-2006-072-01"]}, {"type": "osvdb", "idList": ["OSVDB:23833", "OSVDB:22236"]}, {"type": "talos", "idList": ["TALOS-2017-0319", "TALOS-2017-2818"]}, {"type": "seebug", "idList": ["SSV:96476"]}, {"type": "ubuntu", "idList": ["USN-236-1", "USN-236-2"]}, {"type": "gentoo", "idList": ["GLSA-200601-17", "GLSA-200601-02"]}, {"type": "talosblog", "idList": ["TALOSBLOG:E92A35ABBB4E772E08533C6C9DA50867"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0262"]}, {"type": "suse", "idList": ["SUSE-SA:2006:001"]}], "modified": "2021-01-06T09:44:31", "rev": 2}, "score": {"value": 7.5, "vector": "NONE", "modified": "2021-01-06T09:44:31", "rev": 2}, "vulnersScore": 7.5}, "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22550);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-0746\");\n script_xref(name:\"DSA\", value:\"1008\");\n\n script_name(english:\"Debian DSA-1008-1 : kdegraphics - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Marcelo Ricardo Leitner noticed that the current patch in DSA\n932(CVE-2005-3627 ) for kpdf, the PDF viewer for KDE, does not fix all\nbuffer overflows, still allowing an attacker to execute arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2005-3627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kpdf package.\n\nThe old stable distribution (woody) does not contain kpdf packages.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 3.3.2-2sarge4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"kamera\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kcoloredit\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kdegraphics\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kdegraphics-dev\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kdegraphics-kfile-plugins\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kdvi\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kfax\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kgamma\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kghostview\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kiconedit\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kmrml\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kolourpaint\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kooka\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kpdf\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kpovmodeler\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kruler\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ksnapshot\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ksvg\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kuickshow\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kview\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kviewshell\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkscan-dev\", reference:\"3.3.2-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkscan1\", reference:\"3.3.2-2sarge4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "22550", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:kdegraphics"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T11:34:57", "description": "Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large \"number of components\" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large \"Huffman table index\" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.", "edition": 3, "cvss3": {}, "published": "2005-12-31T05:00:00", "title": "CVE-2005-3627", "type": "cve", "cwe": ["CWE-119", "NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2005-3627"], "modified": "2018-10-19T15:37:00", "cpe": ["cpe:/a:xpdf:xpdf:*"], "id": "CVE-2005-3627", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3627", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:48:13", "description": "Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.", "edition": 3, "cvss3": {}, "published": "2006-03-09T00:02:00", "title": "CVE-2006-0746", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0746"], "modified": "2018-10-19T15:46:00", "cpe": ["cpe:/a:xpdf:xpdf:*"], "id": "CVE-2006-0746", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0746", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:49:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "description": "The remote host is missing an update to kdegraphics\nannounced via advisory DSA 1008-1.\n\nMarcelo Ricardo Leitner noticed that the current patch in DSA 932\n(CVE-2005-3627) for kpdf, the PDF viewer for KDE, does not fix all\nbuffer overflows, still allowing an attacker to execute arbitrary\ncode.\n\nThe old stable distribution (woody) does not contain kpdf packages.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56457", "href": "http://plugins.openvas.org/nasl.php?oid=56457", "type": "openvas", "title": "Debian Security Advisory DSA 1008-1 (kdegraphics)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1008_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1008-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 3.3.2-2sarge4.\n\nThe unstable distribution (sid) is not affected by this problem.\n\nWe recommend that you upgrade your kpdf package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201008-1\";\ntag_summary = \"The remote host is missing an update to kdegraphics\nannounced via advisory DSA 1008-1.\n\nMarcelo Ricardo Leitner noticed that the current patch in DSA 932\n(CVE-2005-3627) for kpdf, the PDF viewer for KDE, does not fix all\nbuffer overflows, still allowing an attacker to execute arbitrary\ncode.\n\nThe old stable distribution (woody) does not contain kpdf packages.\";\n\n\nif(description)\n{\n script_id(56457);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:09:45 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-0746\", \"CVE-2005-3627\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1008-1 (kdegraphics)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kdegraphics\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kamera\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kcoloredit\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-dev\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-kfile-plugins\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdvi\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kfax\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kgamma\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kghostview\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kiconedit\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kmrml\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kolourpaint\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kooka\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpdf\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpovmodeler\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kruler\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ksnapshot\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ksvg\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kuickshow\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kview\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kviewshell\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkscan-dev\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkscan1\", ver:\"3.3.2-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0746"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-072-01.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:56422", "href": "http://plugins.openvas.org/nasl.php?oid=56422", "type": "openvas", "title": "Slackware Advisory SSA:2006-072-01 Slackware 10.1 kdegraphics", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_072_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A new kdegraphics package is available for Slackware 10.1 to fix a\nsecurity issue. A portion of the recent security patch was missing\nin the version that was applied to kdegraphics-3.3.2 in Slackware\n10.1. Other versions of Slackware are not affected by this\nspecific missing patch issue.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2006-072-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-072-01\";\n \nif(description)\n{\n script_id(56422);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_bugtraq_id(17039);\n script_cve_id(\"CVE-2006-0746\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2006-072-01 Slackware 10.1 kdegraphics \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"kdegraphics\", ver:\"3.3.2-i486-5\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0746"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-072-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231056422", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231056422", "type": "openvas", "title": "Slackware Advisory SSA:2006-072-01 Slackware 10.1 kdegraphics", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_072_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.56422\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_bugtraq_id(17039);\n script_cve_id(\"CVE-2006-0746\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2006-072-01 Slackware 10.1 kdegraphics\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK10\\.1\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-072-01\");\n\n script_tag(name:\"insight\", value:\"A new kdegraphics package is available for Slackware 10.1 to fix a\nsecurity issue. A portion of the recent security patch was missing\nin the version that was applied to kdegraphics-3.3.2 in Slackware\n10.1. Other versions of Slackware are not affected by this\nspecific missing patch issue.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2006-072-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"kdegraphics\", ver:\"3.3.2-i486-5\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200601-17.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:56229", "href": "http://plugins.openvas.org/nasl.php?oid=56229", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Xpdf, Poppler, GPdf, libextractor and pdftohtml are vulnerable to integer\noverflows that may be exploited to execute arbitrary code.\";\ntag_solution = \"All Xpdf users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/xpdf-3.01-r5'\n\nAll Poppler users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/poppler-0.4.3-r4'\n\nAll GPdf users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/gpdf-2.10.0-r3'\n\nAll libextractor users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libextractor-0.5.9'\n\nAll pdftohtml users should migrate to the latest stable version of\nPoppler.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200601-17\nhttp://bugs.gentoo.org/show_bug.cgi?id=117481\nhttp://bugs.gentoo.org/show_bug.cgi?id=117494\nhttp://bugs.gentoo.org/show_bug.cgi?id=117495\nhttp://bugs.gentoo.org/show_bug.cgi?id=115789\nhttp://bugs.gentoo.org/show_bug.cgi?id=118665\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200601-17.\";\n\n \n\nif(description)\n{\n script_id(56229);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-3627\", \"CVE-2005-3626\", \"CVE-2005-3625\", \"CVE-2005-3624\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-text/xpdf\", unaffected: make_list(\"ge 3.01-r5\"), vulnerable: make_list(\"lt 3.01-r5\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/poppler\", unaffected: make_list(\"ge 0.4.3-r4\"), vulnerable: make_list(\"lt 0.4.3-r4\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/gpdf\", unaffected: make_list(\"ge 2.10.0-r3\"), vulnerable: make_list(\"lt 2.10.0-r3\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"media-libs/libextractor\", unaffected: make_list(\"ge 0.5.9\"), vulnerable: make_list(\"lt 0.5.9\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/pdftohtml\", unaffected: make_list(), vulnerable: make_list(\"lt 0.36-r4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200601-02.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:56077", "href": "http://plugins.openvas.org/nasl.php?oid=56077", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\nmaking them vulnerable to the execution of arbitrary code.\";\ntag_solution = \"All kdegraphics users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdegraphics-3.4.3-r3'\n\nAll Kpdf users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kpdf-3.4.3-r3'\n\nAll KOffice users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-office/koffice-1.4.2-r6'\n\nAll KWord users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-office/kword-1.4.2-r6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200601-02\nhttp://bugs.gentoo.org/show_bug.cgi?id=114429\nhttp://bugs.gentoo.org/show_bug.cgi?id=115851\nhttp://www.gentoo.org/security/en/glsa/glsa-200512-08.xml\nhttp://www.kde.org/info/security/advisory-20051207-2.txt\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200601-02.\";\n\n \n\nif(description)\n{\n script_id(56077);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-3191\", \"CVE-2005-3192\", \"CVE-2005-3193\", \"CVE-2005-3624\", \"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"kde-base/kdegraphics\", unaffected: make_list(\"ge 3.4.3-r3\"), vulnerable: make_list(\"lt 3.4.3-r3\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"kde-base/kpdf\", unaffected: make_list(\"ge 3.4.3-r3\"), vulnerable: make_list(\"lt 3.4.3-r3\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-office/koffice\", unaffected: make_list(\"ge 1.4.2-r6\"), vulnerable: make_list(\"lt 1.4.2-r6\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-office/kword\", unaffected: make_list(\"ge 1.4.2-r6\"), vulnerable: make_list(\"lt 1.4.2-r6\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "The remote host is missing an update to koffice\nannounced via advisory DSA 938-1.\n\ninfamous41md and chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in koffice, the KDE Office Suite, and which can lead to a\ndenial of service by crashing the application or possibly to the\nexecution of arbitrary code.\n\nThe old stable distribution (woody) does not contain koffice packages.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56141", "href": "http://plugins.openvas.org/nasl.php?oid=56141", "type": "openvas", "title": "Debian Security Advisory DSA 938-1 (koffice)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_938_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 938-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 1.3.5-4.sarge.2.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.4.2-6.\n\nWe recommend that you upgrade your koffice package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20938-1\";\ntag_summary = \"The remote host is missing an update to koffice\nannounced via advisory DSA 938-1.\n\ninfamous41md and chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in koffice, the KDE Office Suite, and which can lead to a\ndenial of service by crashing the application or possibly to the\nexecution of arbitrary code.\n\nThe old stable distribution (woody) does not contain koffice packages.\";\n\n\nif(description)\n{\n script_id(56141);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-3191\", \"CVE-2005-3193\", \"CVE-2005-3624\", \"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\", \"CVE-2005-3628\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 938-1 (koffice)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kivio-data\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-data\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-doc-html\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"karbon\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kchart\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kformula\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kivio\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-dev\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-libs\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koshell\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpresenter\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kspread\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kugar\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kword\", ver:\"1.3.5-4.sarge.2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3624", "CVE-2005-3628"], "description": "The remote host is missing an update to tetex-bin\nannounced via advisory DSA 937-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in tetex-bin, the binary files of teTeX, and which can\nlead to a denial of service by crashing the application or possibly to\nthe execution of arbitrary code.\n\nFor the old stable distribution (woody) these problems have been fixed in\nversion 1.0.7+20011202-7.7.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56142", "href": "http://plugins.openvas.org/nasl.php?oid=56142", "type": "openvas", "title": "Debian Security Advisory DSA 937-1 (tetex-bin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_937_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 937-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 2.0.2-30sarge4.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 0.4.3-2 of poppler against which tetex-bin links.\n\nWe recommend that you upgrade your tetex-bin package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20937-1\";\ntag_summary = \"The remote host is missing an update to tetex-bin\nannounced via advisory DSA 937-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in tetex-bin, the binary files of teTeX, and which can\nlead to a denial of service by crashing the application or possibly to\nthe execution of arbitrary code.\n\nFor the old stable distribution (woody) these problems have been fixed in\nversion 1.0.7+20011202-7.7.\";\n\n\nif(description)\n{\n script_id(56142);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-3191\", \"CVE-2005-3192\", \"CVE-2005-3624\", \"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\", \"CVE-2005-3628\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 937-1 (tetex-bin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libkpathsea-dev\", ver:\"1.0.7+20011202-7.7\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkpathsea3\", ver:\"1.0.7+20011202-7.7\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tetex-bin\", ver:\"1.0.7+20011202-7.7\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkpathsea-dev\", ver:\"2.0.2-30sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkpathsea3\", ver:\"2.0.2-30sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tetex-bin\", ver:\"2.0.2-30sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3624", "CVE-2005-3628"], "description": "The remote host is missing an update to gpdf\nannounced via advisory DSA 940-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in gpdf, the GNOME version of the Portable Document\nFormat viewer, and which can lead to a denial of service by crashing\nthe application or possibly to the execution of arbitrary code.\n\nThe old stable distribution (woody) does not contain gpdf packages.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56145", "href": "http://plugins.openvas.org/nasl.php?oid=56145", "type": "openvas", "title": "Debian Security Advisory DSA 940-1 (gpdf)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_940_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 940-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 2.8.2-1.2sarge2\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your gpdf package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20940-1\";\ntag_summary = \"The remote host is missing an update to gpdf\nannounced via advisory DSA 940-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in gpdf, the GNOME version of the Portable Document\nFormat viewer, and which can lead to a denial of service by crashing\nthe application or possibly to the execution of arbitrary code.\n\nThe old stable distribution (woody) does not contain gpdf packages.\";\n\n\nif(description)\n{\n script_id(56145);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-3191\", \"CVE-2005-3192\", \"CVE-2005-3624\", \"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\", \"CVE-2005-3628\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 940-1 (gpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gpdf\", ver:\"2.8.2-1.2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "The remote host is missing an update to pdfkit.framework\nannounced via advisory DSA 961-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf which are also present in pdfkit.framework, the\nGNUstep framework for rendering PDF content, and which can lead to a\ndenial of service by crashing the application or possibly to the\nexecution of arbitrary code.\n\nThe old stable distribution (woody) does not contain pdfkit.framework\npackages.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56220", "href": "http://plugins.openvas.org/nasl.php?oid=56220", "type": "openvas", "title": "Debian Security Advisory DSA 961-1 (pdfkit.framework)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_961_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 961-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 0.8-2sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your pdfkit.framework package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20961-1\";\ntag_summary = \"The remote host is missing an update to pdfkit.framework\nannounced via advisory DSA 961-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf which are also present in pdfkit.framework, the\nGNUstep framework for rendering PDF content, and which can lead to a\ndenial of service by crashing the application or possibly to the\nexecution of arbitrary code.\n\nThe old stable distribution (woody) does not contain pdfkit.framework\npackages.\";\n\n\nif(description)\n{\n script_id(56220);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-3191\", \"CVE-2005-3192\", \"CVE-2005-3193\", \"CVE-2005-3624\", \"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\", \"CVE-2005-3628\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 961-1 (pdfkit.framework)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdfkit.framework\", ver:\"0.8-2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "The remote host is missing an update to cupsys\nannounced via advisory DSA 950-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf which are also present in CUPS, the Common UNIX\nPrinting System, and which can lead to a denial of service by crashing\nthe application or possibly to the execution of arbitrary code.\n\nFor the old stable distribution (woody) these problems have been fixed in\nversion 1.1.14-5woody14.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56211", "href": "http://plugins.openvas.org/nasl.php?oid=56211", "type": "openvas", "title": "Debian Security Advisory DSA 950-1 (cupsys)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_950_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 950-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 1.1.23-10sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your CUPS packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20950-1\";\ntag_summary = \"The remote host is missing an update to cupsys\nannounced via advisory DSA 950-1.\n\ninfamous41md and Chris Evans discovered several heap based buffer\noverflows in xpdf which are also present in CUPS, the Common UNIX\nPrinting System, and which can lead to a denial of service by crashing\nthe application or possibly to the execution of arbitrary code.\n\nFor the old stable distribution (woody) these problems have been fixed in\nversion 1.1.14-5woody14.\";\n\n\nif(description)\n{\n script_id(56211);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-3191\", \"CVE-2005-3192\", \"CVE-2005-3193\", \"CVE-2005-3624\", \"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\", \"CVE-2005-3628\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 950-1 (cupsys)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.1.14-5woody14\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.1.14-5woody14\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.1.14-5woody14\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-pstoraster\", ver:\"1.1.14-5woody14\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.1.14-5woody14\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.1.14-5woody14\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2-gnutls10\", ver:\"1.1.23-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-06T09:24:57", "description": "Updated kdegraphics packages that fully resolve a security issue in\nkpdf are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment including kpdf, a PDF file viewer.\n\nMarcelo Ricardo Leitner discovered that a kpdf security fix,\nCVE-2005-3627, was incomplete. Red Hat issued kdegraphics packages\nwith this incomplete fix in RHSA-2005:868. An attacker could construct\na carefully crafted PDF file that could cause kpdf to crash or\npossibly execute arbitrary code when opened. The Common\nVulnerabilities and Exposures project assigned the name CVE-2006-0746\nto this issue.\n\nUsers of kpdf should upgrade to these updated packages, which contain\na backported patch to resolve this issue.", "edition": 26, "published": "2006-07-05T00:00:00", "title": "CentOS 4 : kdegraphics (CESA-2006:0262)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "modified": "2006-07-05T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:kdegraphics-devel", "p-cpe:/a:centos:centos:kdegraphics"], "id": "CENTOS_RHSA-2006-0262.NASL", "href": "https://www.tenable.com/plugins/nessus/21989", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0262 and \n# CentOS Errata and Security Advisory 2006:0262 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21989);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-3627\", \"CVE-2006-0746\");\n script_bugtraq_id(16143);\n script_xref(name:\"RHSA\", value:\"2006:0262\");\n\n script_name(english:\"CentOS 4 : kdegraphics (CESA-2006:0262)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kdegraphics packages that fully resolve a security issue in\nkpdf are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment including kpdf, a PDF file viewer.\n\nMarcelo Ricardo Leitner discovered that a kpdf security fix,\nCVE-2005-3627, was incomplete. Red Hat issued kdegraphics packages\nwith this incomplete fix in RHSA-2005:868. An attacker could construct\na carefully crafted PDF file that could cause kpdf to crash or\npossibly execute arbitrary code when opened. The Common\nVulnerabilities and Exposures project assigned the name CVE-2006-0746\nto this issue.\n\nUsers of kpdf should upgrade to these updated packages, which contain\na backported patch to resolve this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-March/012718.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d98b7f4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-March/012726.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54def4e7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-March/012733.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d6442b7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdegraphics packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kdegraphics-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"kdegraphics-3.3.1-3.9\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"kdegraphics-devel-3.3.1-3.9\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdegraphics / kdegraphics-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:35", "description": "Updated kdegraphics packages that fully resolve a security issue in\nkpdf are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment including kpdf, a PDF file viewer.\n\nMarcelo Ricardo Leitner discovered that a kpdf security fix,\nCVE-2005-3627, was incomplete. Red Hat issued kdegraphics packages\nwith this incomplete fix in RHSA-2005:868. An attacker could construct\na carefully crafted PDF file that could cause kpdf to crash or\npossibly execute arbitrary code when opened. The Common\nVulnerabilities and Exposures project assigned the name CVE-2006-0746\nto this issue.\n\nUsers of kpdf should upgrade to these updated packages, which contain\na backported patch to resolve this issue.", "edition": 27, "published": "2006-03-10T00:00:00", "title": "RHEL 4 : kdegraphics (RHSA-2006:0262)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "modified": "2006-03-10T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:kdegraphics-devel", "p-cpe:/a:redhat:enterprise_linux:kdegraphics"], "id": "REDHAT-RHSA-2006-0262.NASL", "href": "https://www.tenable.com/plugins/nessus/21043", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0262. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21043);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-3627\", \"CVE-2006-0746\");\n script_bugtraq_id(16143);\n script_xref(name:\"RHSA\", value:\"2006:0262\");\n\n script_name(english:\"RHEL 4 : kdegraphics (RHSA-2006:0262)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kdegraphics packages that fully resolve a security issue in\nkpdf are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment including kpdf, a PDF file viewer.\n\nMarcelo Ricardo Leitner discovered that a kpdf security fix,\nCVE-2005-3627, was incomplete. Red Hat issued kdegraphics packages\nwith this incomplete fix in RHSA-2005:868. An attacker could construct\na carefully crafted PDF file that could cause kpdf to crash or\npossibly execute arbitrary code when opened. The Common\nVulnerabilities and Exposures project assigned the name CVE-2006-0746\nto this issue.\n\nUsers of kpdf should upgrade to these updated packages, which contain\na backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-0746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0262\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdegraphics and / or kdegraphics-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdegraphics-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0262\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kdegraphics-3.3.1-3.9\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"kdegraphics-devel-3.3.1-3.9\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdegraphics / kdegraphics-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2016-09-26T17:23:38", "edition": 1, "description": "The remote host is missing the patch for the advisory FEDORA-2005-000 (cups).\n\nThe Common UNIX Printing System provides a portable printing layer for UNIX(r) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users.\nCUPS provides the System V and Berkeley command-line interfaces.\n\nUpdate Information:\n\nThis update fixes the pdftops filter's handling of some incorrectly-formed PDF files. Issues fixed are CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627.", "published": "2006-01-11T00:00:00", "type": "nessus", "title": "Fedora Core 3 2005-000: cups", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627"], "modified": "2016-05-26T00:00:00", "id": "FEDORA_2005-000.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=20396", "sourceData": "# @DEPRECATED@\n#\n# This script has been deprecated as the associated advisory is not\n# security-related.\n#\n# Disabled on 2012/09/30.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text is was extracted from the Fedora Security Advisory\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(20396);\n script_version (\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/05/26 16:04:30 $\");\n script_cve_id(\"CVE-2005-3627\");\n \n name[\"english\"] = \"Fedora Core 3 2005-000: cups\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory FEDORA-2005-000 (cups).\n\nThe Common UNIX Printing System provides a portable printing layer for\nUNIX(r) operating systems. It has been developed by Easy Software Products\nto promote a standard printing solution for all UNIX vendors and users.\nCUPS provides the System V and Berkeley command-line interfaces.\n\nUpdate Information:\n\nThis update fixes the pdftops filter's handling of some\nincorrectly-formed PDF files. Issues fixed are\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Get the newest Fedora Updates\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/01/11\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the cups package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Fedora Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/RedHat/rpm-list\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated advisory is not security-related.\");\n\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"cups-1.1.22-0.rc1.8.9\", release:\"FC3\") )\n{\n security_hole(port:0, extra:rpm_report_get());\n exit(0);\n}\nif ( rpm_check( reference:\"cups-devel-1.1.22-0.rc1.8.9\", release:\"FC3\") )\n{\n security_hole(port:0, extra:rpm_report_get());\n exit(0);\n}\nif ( rpm_check( reference:\"cups-libs-1.1.22-0.rc1.8.9\", release:\"FC3\") )\n{\n security_hole(port:0, extra:rpm_report_get());\n exit(0);\n}\nif ( rpm_exists(rpm:\"cups-\", release:\"FC3\") )\n{\n set_kb_item(name:\"CVE-2005-3627\", value:TRUE);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-01-07T11:51:32", "description": "Marcelo Ricardo Leitner discovered the official published kpdf patches\nfor several previous xpdf vulnerabilities were lacking some hunks\npublished by upstream xpdf. As a result, kpdf is still vulnerable to\ncertain carefully crafted pdf files.\n\nAlthough previous updates captured most of these changes, this new\nupdate picks up some of the missing patches.\n\nThe updated packages have been patched to correct these problems.", "edition": 24, "published": "2006-03-09T00:00:00", "title": "Mandrake Linux Security Advisory : kdegraphics (MDKSA-2006:054)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0746"], "modified": "2006-03-09T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libkdegraphics0-mrmlsearch", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-common", "p-cpe:/a:mandriva:linux:libkdegraphics0-common", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpaint", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka", "p-cpe:/a:mandriva:linux:kdegraphics-kuickshow", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpdf", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-mrmlsearch", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview", "p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kiconedit", "p-cpe:/a:mandriva:linux:kdegraphics-kghostview", "p-cpe:/a:mandriva:linux:kdegraphics-common", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:kdegraphics-kooka", "p-cpe:/a:mandriva:linux:kdegraphics", "p-cpe:/a:mandriva:linux:kdegraphics-ksvg", "p-cpe:/a:mandriva:linux:kdegraphics-kolourpaint", "cpe:/o:mandriva:linux:2006", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:kdegraphics-kruler", "p-cpe:/a:mandriva:linux:libkdegraphics0-kuickshow", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kuickshow", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot", "p-cpe:/a:mandriva:linux:kdegraphics-kfax", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kdvi", "p-cpe:/a:mandriva:linux:kdegraphics-kview"], "id": "MANDRAKE_MDKSA-2006-054.NASL", "href": "https://www.tenable.com/plugins/nessus/21037", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:054. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21037);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-0746\");\n script_xref(name:\"MDKSA\", value:\"2006:054\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kdegraphics (MDKSA-2006:054)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Marcelo Ricardo Leitner discovered the official published kpdf patches\nfor several previous xpdf vulnerabilities were lacking some hunks\npublished by upstream xpdf. As a result, kpdf is still vulnerable to\ncertain carefully crafted pdf files.\n\nAlthough previous updates captured most of these changes, this new\nupdate picks up some of the missing patches.\n\nThe updated packages have been patched to correct these problems.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kiconedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kolourpaint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpaint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kruler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-common-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kdvi-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kfax-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kghostview-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kiconedit-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kolourpaint-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kooka-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kpaint-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kpdf-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kpovmodeler-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kruler-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-ksnapshot-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-ksvg-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kuickshow-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-kview-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"kdegraphics-mrmlsearch-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kuickshow-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-mrmlsearch-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kuickshow-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-devel-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libkdegraphics0-mrmlsearch-3.4.2-11.6.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:10:17", "description": "A new kdegraphics package is available for Slackware 10.1 to fix a\nsecurity issue. A portion of the recent security patch was missing in\nthe version that was applied to kdegraphics-3.3.2 in Slackware 10.1.\nOther versions of Slackware are not affected by this specific missing\npatch issue.", "edition": 23, "published": "2006-03-14T00:00:00", "title": "Slackware 10.1 : Slackware 10.1 kdegraphics (SSA:2006-072-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0746"], "modified": "2006-03-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kdegraphics", "cpe:/o:slackware:slackware_linux:10.1"], "id": "SLACKWARE_SSA_2006-072-01.NASL", "href": "https://www.tenable.com/plugins/nessus/21074", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2006-072-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21074);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0746\");\n script_xref(name:\"SSA\", value:\"2006-072-01\");\n\n script_name(english:\"Slackware 10.1 : Slackware 10.1 kdegraphics (SSA:2006-072-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A new kdegraphics package is available for Slackware 10.1 to fix a\nsecurity issue. A portion of the recent security patch was missing in\nthe version that was applied to kdegraphics-3.3.2 in Slackware 10.1.\nOther versions of Slackware are not affected by this specific missing\npatch issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.326729\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f4b1c909\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdegraphics package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"10.1\", pkgname:\"kdegraphics\", pkgver:\"3.3.2\", pkgarch:\"i486\", pkgnum:\"5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-10-29T13:33:35", "description": "Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened.\n\nThe Common Vulnerabilities and Exposures project assigned the names CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\n\nThis package also updates bindings in texdoc and causes the local texmf tree to be searched first.", "edition": 2, "published": "2012-09-24T00:00:00", "type": "nessus", "title": "Fedora Core 4 : tetex-3.0-9.FC4 (2005-028)", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625"], "cpe": ["cpe:/o:fedoraproject:fedora_core:4"], "modified": "2012-10-01T00:00:00", "id": "FEDORA_2005-028.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62250", "sourceData": "# @DEPRECATED@ \n# \n# This script has been deprecated by fedora_2006-028.nasl. \n# \n# Disabled on 2012/10/01. \n# \n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from Fedora Security\n# Advisory 2005-028.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62250);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2012/10/01 13:51:08 $\");\n\n script_cve_id(\"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\");\n script_xref(name:\"FEDORA\", value:\"2005-028\");\n\n script_name(english:\"Fedora Core 4 : tetex-3.0-9.FC4 (2005-028)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were discovered in the way teTeX processes PDF files. An\nattacker could construct a carefully crafted PDF file that could cause\npoppler to crash or possibly execute arbitrary code when opened.\n\nThe Common Vulnerabilities and Exposures project assigned the names\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\n\nThis package also updates bindings in texdoc and causes the local\ntexmf tree to be searched first.\"\n );\n # http://lists.fedoraproject.org/pipermail/announce/2006-January/001740.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ab729f2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\n# Deprecated.\nexit(0, \"This plugin has been deprecated. Refer to plugin #20409 (fedora_2006-028.nasl) instead.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC4\", reference:\"tetex-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-afm-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-debuginfo-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-doc-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-dvips-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-fonts-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-latex-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-xdvi-3.0-9.FC4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-01-12T10:05:54", "description": "Several flaws were discovered in the way teTeX processes PDF files. An\nattacker could construct a carefully crafted PDF file that could cause\npoppler to crash or possibly execute arbitrary code when opened.\n\nThe Common Vulnerabilities and Exposures project assigned the names\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\n\nThis package also updates bindings in texdoc and causes the local\ntexmf tree to be searched first.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2006-01-15T00:00:00", "title": "Fedora Core 4 : tetex-3.0-9.FC4 (2006-028)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625"], "modified": "2006-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tetex-doc", "p-cpe:/a:fedoraproject:fedora:tetex-dvips", "p-cpe:/a:fedoraproject:fedora:tetex-fonts", "p-cpe:/a:fedoraproject:fedora:tetex-debuginfo", "p-cpe:/a:fedoraproject:fedora:tetex-afm", "cpe:/o:fedoraproject:fedora_core:4", "p-cpe:/a:fedoraproject:fedora:tetex-xdvi", "p-cpe:/a:fedoraproject:fedora:tetex", "p-cpe:/a:fedoraproject:fedora:tetex-latex"], "id": "FEDORA_2006-028.NASL", "href": "https://www.tenable.com/plugins/nessus/20409", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-028.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20409);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\");\n script_xref(name:\"FEDORA\", value:\"2006-028\");\n\n script_name(english:\"Fedora Core 4 : tetex-3.0-9.FC4 (2006-028)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were discovered in the way teTeX processes PDF files. An\nattacker could construct a carefully crafted PDF file that could cause\npoppler to crash or possibly execute arbitrary code when opened.\n\nThe Common Vulnerabilities and Exposures project assigned the names\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\n\nThis package also updates bindings in texdoc and causes the local\ntexmf tree to be searched first.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2006-January/001740.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?30f67f07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-afm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-dvips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-xdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 4.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC4\", reference:\"tetex-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-afm-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-debuginfo-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-doc-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-dvips-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-fonts-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-latex-3.0-9.FC4\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"tetex-xdvi-3.0-9.FC4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tetex / tetex-afm / tetex-debuginfo / tetex-doc / tetex-dvips / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:53", "description": "This update fixes the pdftops filter's handling of some\nincorrectly-formed PDF files. Issues fixed are CVE-2005-3625,\nCVE-2005-3626, and CVE-2005-3627.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2012-09-24T00:00:00", "title": "Fedora Core 4 : cups-1.1.23-15.3 (2006-010)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625"], "modified": "2012-09-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups-debuginfo", "p-cpe:/a:fedoraproject:fedora:cups-lpd", "cpe:/o:fedoraproject:fedora_core:4", "p-cpe:/a:fedoraproject:fedora:cups", "p-cpe:/a:fedoraproject:fedora:cups-libs", "p-cpe:/a:fedoraproject:fedora:cups-devel"], "id": "FEDORA_2006-010.NASL", "href": "https://www.tenable.com/plugins/nessus/62262", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-010.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62262);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-010\");\n\n script_name(english:\"Fedora Core 4 : cups-1.1.23-15.3 (2006-010)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the pdftops filter's handling of some\nincorrectly-formed PDF files. Issues fixed are CVE-2005-3625,\nCVE-2005-3626, and CVE-2005-3627.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2006-January/001715.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1bb1f985\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 4.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC4\", reference:\"cups-1.1.23-15.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"cups-debuginfo-1.1.23-15.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"cups-devel-1.1.23-15.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"cups-libs-1.1.23-15.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"cups-lpd-1.1.23-15.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-debuginfo / cups-devel / cups-libs / cups-lpd\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:53", "description": "This update fixes the pdftops filter's handling of some\nincorrectly-formed PDF files. Issues fixed are CVE-2005-3625,\nCVE-2005-3626, and CVE-2005-3627.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2012-09-24T00:00:00", "title": "Fedora Core 3 : cups-1.1.22-0.rc1.8.9 (2006-011)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625"], "modified": "2012-09-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups-debuginfo", "cpe:/o:fedoraproject:fedora_core:3", "p-cpe:/a:fedoraproject:fedora:cups", "p-cpe:/a:fedoraproject:fedora:cups-libs", "p-cpe:/a:fedoraproject:fedora:cups-devel"], "id": "FEDORA_2006-011.NASL", "href": "https://www.tenable.com/plugins/nessus/62263", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-011.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62263);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-011\");\n\n script_name(english:\"Fedora Core 3 : cups-1.1.22-0.rc1.8.9 (2006-011)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the pdftops filter's handling of some\nincorrectly-formed PDF files. Issues fixed are CVE-2005-3625,\nCVE-2005-3626, and CVE-2005-3627.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2006-January/001716.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3ce1b22\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"cups-1.1.22-0.rc1.8.9\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"cups-debuginfo-1.1.22-0.rc1.8.9\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"cups-devel-1.1.22-0.rc1.8.9\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"cups-libs-1.1.22-0.rc1.8.9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-debuginfo / cups-devel / cups-libs\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-10-29T13:39:43", "edition": 2, "description": "Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened.\n\nThe Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.", "published": "2012-09-24T00:00:00", "type": "nessus", "title": "Fedora Core 3 : tetex-2.0.2-21.7.FC3 (2005-029)", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "cpe": ["cpe:/o:fedoraproject:fedora_core:3"], "modified": "2012-10-01T00:00:00", "id": "FEDORA_2005-029.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62251", "sourceData": "# @DEPRECATED@ \n# \n# This script has been deprecated by fedora_2006-029.nasl. \n# \n# Disabled on 2012/10/01. \n# \n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from Fedora Security\n# Advisory 2005-029.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62251);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2012/10/01 13:51:08 $\");\n\n script_cve_id(\"CVE-2005-3624\", \"CVE-2005-3625\", \"CVE-2005-3626\", \"CVE-2005-3627\");\n script_xref(name:\"FEDORA\", value:\"2005-029\");\n\n script_name(english:\"Fedora Core 3 : tetex-2.0.2-21.7.FC3 (2005-029)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were discovered in the way teTeX processes PDF files. An\nattacker could construct a carefully crafted PDF file that could cause\npoppler to crash or possibly execute arbitrary code when opened.\n\nThe Common Vulnerabilities and Exposures project assigned the names\nCVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to\nthese issues.\"\n );\n # http://lists.fedoraproject.org/pipermail/announce/2006-January/001741.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c40646cc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\n# Deprecated.\nexit(0, \"This plugin has been deprecated. Refer to plugin #20410 (fedora_2006-029.nasl) instead.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"tetex-2.0.2-21.7.FC3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"tetex-afm-2.0.2-21.7.FC3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"tetex-debuginfo-2.0.2-21.7.FC3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"tetex-doc-2.0.2-21.7.FC3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"tetex-dvips-2.0.2-21.7.FC3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"tetex-fonts-2.0.2-21.7.FC3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"tetex-latex-2.0.2-21.7.FC3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"tetex-xdvi-2.0.2-21.7.FC3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2020-07-17T03:29:23", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0262\n\n\nThe kdegraphics packages contain applications for the K Desktop Environment\r\nincluding kpdf, a PDF file viewer.\r\n\r\nMarcelo Ricardo Leitner discovered that a kpdf security fix, CVE-2005-3627,\r\nwas incomplete. Red Hat issued kdegraphics packages with this incomplete\r\nfix in RHSA-2005:868. An attacker could construct a carefully crafted PDF\r\nfile that could cause kpdf to crash or possibly execute arbitrary code when\r\nopened. The Common Vulnerabilities and Exposures project assigned the name\r\nCVE-2006-0746 to this issue.\r\n\r\nUsers of kpdf should upgrade to these updated packages, which contain a\r\nbackported patch to resolve this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/024756.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/024761.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/024763.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/024764.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/024771.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0262.html", "edition": 6, "modified": "2006-03-13T14:26:59", "published": "2006-03-09T22:05:31", "href": "http://lists.centos.org/pipermail/centos-announce/2006-March/024756.html", "id": "CESA-2006:0262", "title": "kdegraphics security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:25:26", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0163\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\r\nfor UNIX(R) operating systems.\r\n\r\nChris Evans discovered several flaws in the way CUPS processes PDF files.\r\nAn attacker could construct a carefully crafted PDF file that could cause\r\nCUPS to crash or possibly execute arbitrary code when opened. The Common\r\nVulnerabilities and Exposures project assigned the names CVE-2005-3624,\r\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\r\n\r\nAll users of CUPS should upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024595.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024596.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024597.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024599.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024600.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024601.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024602.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024609.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024610.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0163.html", "edition": 4, "modified": "2006-01-12T13:18:24", "published": "2006-01-11T22:26:57", "href": "http://lists.centos.org/pipermail/centos-announce/2006-January/024595.html", "id": "CESA-2006:0163", "title": "cups security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-17T03:28:25", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0177\n\n\ngpdf is a GNOME based viewer for Portable Document Format (PDF) files.\r\n\r\nChris Evans discovered several flaws in the way gpdf processes PDF files.\r\nAn attacker could construct a carefully crafted PDF file that could cause\r\ngpdf to crash or possibly execute arbitrary code when opened. The Common\r\nVulnerabilities and Exposures project assigned the names CVE-2005-3624,\r\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\r\n\r\nUsers of gpdf should upgrade to this updated package, which contains a\r\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024603.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024604.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024605.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024611.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024612.html\n\n**Affected packages:**\ngpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0177.html", "edition": 8, "modified": "2006-01-12T13:20:38", "published": "2006-01-12T05:08:16", "href": "http://lists.centos.org/pipermail/centos-announce/2006-January/024603.html", "id": "CESA-2006:0177", "title": "gpdf security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:40", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "**CentOS Errata and Security Advisory** CESA-2005:840-01\n\n\nThe xpdf package is an X Window System-based viewer for Portable Document\r\nFormat (PDF) files.\r\n\r\nSeveral flaws were discovered in Xpdf. An attacker could construct a\r\ncarefully crafted PDF file that could cause Xpdf to crash or possibly\r\nexecute arbitrary code when opened. The Common Vulnerabilities and\r\nExposures project assigned the names CVE-2005-3191, CVE-2005-3192, and\r\nCVE-2005-3193 to these issues.\r\n\r\nUsers of Xpdf should upgrade to this updated package, which contains a\r\nbackported patch to resolve these issues.\r\n\r\nRed Hat would like to thank Derek B. Noonburg for reporting this issue and\r\nproviding a patch.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024507.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 6, "modified": "2005-12-07T00:42:21", "published": "2005-12-07T00:42:21", "href": "http://lists.centos.org/pipermail/centos-announce/2005-December/024507.html", "id": "CESA-2005:840-01", "title": "xpdf security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:05", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "**CentOS Errata and Security Advisory** CESA-2005:840-02\n\n\nThe xpdf package is an X Window System-based viewer for Portable Document\r\nFormat (PDF) files.\r\n\r\nSeveral flaws were discovered in Xpdf. An attacker could construct a\r\ncarefully crafted PDF file that could cause Xpdf to crash or possibly\r\nexecute arbitrary code when opened. The Common Vulnerabilities and\r\nExposures project assigned the names CVE-2005-3191, CVE-2005-3192, and\r\nCVE-2005-3193 to these issues.\r\n\r\nUsers of Xpdf should upgrade to this updated package, which contains a\r\nbackported patch to resolve these issues.\r\n\r\nRed Hat would like to thank Derek B. Noonburg for reporting this issue and\r\nproviding a patch.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024545.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 6, "modified": "2005-12-22T00:12:57", "published": "2005-12-22T00:12:57", "href": "http://lists.centos.org/pipermail/centos-announce/2005-December/024545.html", "id": "CESA-2005:840-02", "title": "xpdf security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:26:07", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "**CentOS Errata and Security Advisory** CESA-2005:868\n\n\nThe kdegraphics packages contain applications for the K Desktop Environment\r\nincluding kpdf, a pdf file viewer.\r\n\r\nSeveral flaws were discovered in kpdf. An attacker could construct a\r\ncarefully crafted PDF file that could cause kpdf to crash or possibly\r\nexecute arbitrary code when opened. The Common Vulnerabilities and\r\nExposures project assigned the names CVE-2005-3191, CVE-2005-3192, and\r\nCVE-2005-3193 to these issues.\r\n\r\nUsers of kpdf should upgrade to these updated packages, which contain a\r\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024536.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024543.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024556.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024557.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024558.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-868.html", "edition": 6, "modified": "2005-12-22T15:53:55", "published": "2005-12-21T02:55:30", "href": "http://lists.centos.org/pipermail/centos-announce/2005-December/024536.html", "id": "CESA-2005:868", "title": "kdegraphics security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:48", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0160-01\n\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\r\nformatting commands as input and creates a typesetter-independent .dvi\r\n(DeVice Independent) file as output.\r\n\r\nSeveral flaws were discovered in the teTeX PDF parsing library. An attacker\r\ncould construct a carefully crafted PDF file that could cause teTeX to\r\ncrash or possibly execute arbitrary code when opened. The Common\r\nVulnerabilities and Exposures project assigned the names CVE-2005-3191,\r\nCVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626,\r\nCVE-2005-3627 and CVE-2005-3628 to these issues.\r\n\r\nUsers of teTeX should upgrade to these updated packages, which contain\r\nbackported patches and are not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024642.html\n\n**Affected packages:**\ntetex\ntetex-afm\ntetex-doc\ntetex-dvilj\ntetex-dvips\ntetex-fonts\ntetex-latex\ntetex-xdvi\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2006-01-30T00:51:00", "published": "2006-01-30T00:51:00", "href": "http://lists.centos.org/pipermail/centos-announce/2006-January/024642.html", "id": "CESA-2006:0160-01", "title": "tetex security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:11", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0160\n\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\r\nformatting commands as input and creates a typesetter-independent .dvi\r\n(DeVice Independent) file as output.\r\n\r\nSeveral flaws were discovered in the teTeX PDF parsing library. An attacker\r\ncould construct a carefully crafted PDF file that could cause teTeX to\r\ncrash or possibly execute arbitrary code when opened. The Common\r\nVulnerabilities and Exposures project assigned the names CVE-2005-3191,\r\nCVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626,\r\nCVE-2005-3627 and CVE-2005-3628 to these issues.\r\n\r\nUsers of teTeX should upgrade to these updated packages, which contain\r\nbackported patches and are not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024623.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024624.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024629.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024630.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024632.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024633.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024636.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024638.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024640.html\n\n**Affected packages:**\ntetex\ntetex-afm\ntetex-doc\ntetex-dvips\ntetex-fonts\ntetex-latex\ntetex-xdvi\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0160.html", "edition": 4, "modified": "2006-01-20T17:54:12", "published": "2006-01-19T21:19:14", "href": "http://lists.centos.org/pipermail/centos-announce/2006-January/024623.html", "id": "CESA-2006:0160", "title": "tetex security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-08T03:33:20", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "**CentOS Errata and Security Advisory** CESA-2005:840\n\n\nThe xpdf package is an X Window System-based viewer for Portable Document\r\nFormat (PDF) files.\r\n\r\nSeveral flaws were discovered in Xpdf. An attacker could construct a\r\ncarefully crafted PDF file that could cause Xpdf to crash or possibly\r\nexecute arbitrary code when opened. The Common Vulnerabilities and\r\nExposures project assigned the names CVE-2005-3191, CVE-2005-3192, and\r\nCVE-2005-3193 to these issues.\r\n\r\nUsers of Xpdf should upgrade to this updated package, which contains a\r\nbackported patch to resolve these issues.\r\n\r\nRed Hat would like to thank Derek B. Noonburg for reporting this issue and\r\nproviding a patch.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024487.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024488.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024491.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024492.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024495.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024497.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024498.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024501.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024503.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024528.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024531.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024538.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024548.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024551.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024567.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/024568.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/036857.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-December/036858.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-840.html", "edition": 9, "modified": "2005-12-22T16:13:25", "published": "2005-12-06T16:19:16", "href": "http://lists.centos.org/pipermail/centos-announce/2005-December/024487.html", "id": "CESA-2005:840", "title": "xpdf security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:38", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "description": "The kdegraphics packages contain applications for the K Desktop Environment\r\nincluding kpdf, a PDF file viewer.\r\n\r\nMarcelo Ricardo Leitner discovered that a kpdf security fix, CVE-2005-3627,\r\nwas incomplete. Red Hat issued kdegraphics packages with this incomplete\r\nfix in RHSA-2005:868. An attacker could construct a carefully crafted PDF\r\nfile that could cause kpdf to crash or possibly execute arbitrary code when\r\nopened. The Common Vulnerabilities and Exposures project assigned the name\r\nCVE-2006-0746 to this issue.\r\n\r\nUsers of kpdf should upgrade to these updated packages, which contain a\r\nbackported patch to resolve this issue.", "modified": "2017-09-08T12:16:52", "published": "2006-03-09T05:00:00", "id": "RHSA-2006:0262", "href": "https://access.redhat.com/errata/RHSA-2006:0262", "type": "redhat", "title": "(RHSA-2006:0262) kdegraphics security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:42", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3624", "CVE-2005-3625", "CVE-2005-3626", "CVE-2005-3627"], "description": "gpdf is a GNOME based viewer for Portable Document Format (PDF) files.\r\n\r\nChris Evans discovered several flaws in the way gpdf processes PDF files.\r\nAn attacker could construct a carefully crafted PDF file that could cause\r\ngpdf to crash or possibly execute arbitrary code when opened. The Common\r\nVulnerabilities and Exposures project assigned the names CVE-2005-3624,\r\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\r\n\r\nUsers of gpdf should upgrade to this updated package, which contains a\r\nbackported patch to resolve these issues.", "modified": "2017-09-08T12:08:02", "published": "2006-01-11T05:00:00", "id": "RHSA-2006:0177", "href": "https://access.redhat.com/errata/RHSA-2006:0177", "type": "redhat", "title": "(RHSA-2006:0177) gpdf security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:42", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3624", "CVE-2005-3625", "CVE-2005-3626", "CVE-2005-3627"], "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\r\nfor UNIX(R) operating systems.\r\n\r\nChris Evans discovered several flaws in the way CUPS processes PDF files.\r\nAn attacker could construct a carefully crafted PDF file that could cause\r\nCUPS to crash or possibly execute arbitrary code when opened. The Common\r\nVulnerabilities and Exposures project assigned the names CVE-2005-3624,\r\nCVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.\r\n\r\nAll users of CUPS should upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.", "modified": "2017-09-08T11:48:06", "published": "2006-01-11T05:00:00", "id": "RHSA-2006:0163", "href": "https://access.redhat.com/errata/RHSA-2006:0163", "type": "redhat", "title": "(RHSA-2006:0163) cups security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3191", "CVE-2005-3192", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3625", "CVE-2005-3626", "CVE-2005-3627", "CVE-2005-3628"], "description": "TeTeX is an implementation of TeX. TeX takes a text file and a set of\r\nformatting commands as input and creates a typesetter-independent .dvi\r\n(DeVice Independent) file as output.\r\n\r\nSeveral flaws were discovered in the teTeX PDF parsing library. An attacker\r\ncould construct a carefully crafted PDF file that could cause teTeX to\r\ncrash or possibly execute arbitrary code when opened. The Common\r\nVulnerabilities and Exposures project assigned the names CVE-2005-3191,\r\nCVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626,\r\nCVE-2005-3627 and CVE-2005-3628 to these issues.\r\n\r\nUsers of teTeX should upgrade to these updated packages, which contain\r\nbackported patches and are not vulnerable to these issues.", "modified": "2019-03-22T23:42:40", "published": "2006-01-19T05:00:00", "id": "RHSA-2006:0160", "href": "https://access.redhat.com/errata/RHSA-2006:0160", "type": "redhat", "title": "(RHSA-2006:0160) tetex security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:32:57", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3191", "CVE-2005-3192", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3625", "CVE-2005-3626", "CVE-2005-3627", "CVE-2005-3628"], "description": "The xpdf package is an X Window System-based viewer for Portable Document\r\nFormat (PDF) files.\r\n\r\nSeveral flaws were discovered in Xpdf. An attacker could construct a\r\ncarefully crafted PDF file that could cause Xpdf to crash or possibly\r\nexecute arbitrary code when opened. The Common Vulnerabilities and\r\nExposures project assigned the names CVE-2005-3191, CVE-2005-3192, and\r\nCVE-2005-3193 to these issues.\r\n\r\nUsers of Xpdf should upgrade to this updated package, which contains a\r\nbackported patch to resolve these issues.\r\n\r\nRed Hat would like to thank Derek B. Noonburg for reporting this issue and\r\nproviding a patch.", "modified": "2018-03-14T19:26:40", "published": "2005-12-06T05:00:00", "id": "RHSA-2005:840", "href": "https://access.redhat.com/errata/RHSA-2005:840", "type": "redhat", "title": "(RHSA-2005:840) xpdf security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:33:34", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3191", "CVE-2005-3192", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3625", "CVE-2005-3626", "CVE-2005-3627", "CVE-2005-3628"], "description": "The kdegraphics packages contain applications for the K Desktop Environment\r\nincluding kpdf, a pdf file viewer.\r\n\r\nSeveral flaws were discovered in kpdf. An attacker could construct a\r\ncarefully crafted PDF file that could cause kpdf to crash or possibly\r\nexecute arbitrary code when opened. The Common Vulnerabilities and\r\nExposures project assigned the names CVE-2005-3191, CVE-2005-3192, and\r\nCVE-2005-3193 to these issues.\r\n\r\nUsers of kpdf should upgrade to these updated packages, which contain a\r\nbackported patch to resolve these issues.", "modified": "2017-09-08T12:10:48", "published": "2005-12-20T05:00:00", "id": "RHSA-2005:868", "href": "https://access.redhat.com/errata/RHSA-2005:868", "type": "redhat", "title": "(RHSA-2005:868) kdegraphics security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:16", "bulletinFamily": "software", "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "description": "\r\nKDE Security Advisory: kpdf/xpdf heap based buffer overflow\r\nOriginal Release Date: 2006-03-10\r\nURL: http://www.kde.org/info/security/advisory-20060202-1.txt\r\n\r\n0. References\r\n CVE-2006-0746\r\n\r\n\r\n1. Systems affected:\r\n\r\n KDE 3.3.2 with patch from CVE-2005-3627 applied. Please\r\n note that the patch for KDE 3.4.x and newer was correct and\r\n is unaffected.\r\n\r\n\r\n2. Overview:\r\n\r\n kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains\r\n multiple vulnerabilities, one of them being CVE-2005-3627,\r\n that was patched in the KDE security advisory 20051207-2.\r\n However, the patch published for KDE 3.3.x was faulty and\r\n only partially fixed the vulnerability. We'd like to thank\r\n Marcelo Ricardo Leitner for bringing this error to our attention.\r\n The Common Vulnerabilities and Exposures project has assigned\r\n CVE-2006-0746 to this issue.\r\n\r\n\r\n3. Impact:\r\n\r\n Remotely supplied pdf files can be used to execute arbitrary\r\n code on the client machine.\r\n\r\n\r\n4. Solution:\r\n\r\n Source code patches have been made available which fix these\r\n vulnerabilities. Contact your OS vendor / binary package provider\r\n for information about how to obtain updated binary packages.\r\n\r\n\r\n5. Patch:\r\n\r\n Patch for KDE 3.3.2 and newer is available from \r\n ftp://ftp.kde.org/pub/kde/security_patches :\r\n\r\n ea346b89a3b39915abbfd56841b9df23 post-3.3.2-kdegraphics-CVE-2006-0746.diff\r\n\r\n\r\n\r\n-- \r\nDirk//\", "edition": 1, "modified": "2006-03-10T00:00:00", "published": "2006-03-10T00:00:00", "id": "SECURITYVULNS:DOC:11776", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11776", "title": "[KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200601-17\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap\r\n overflows\r\n Date: January 30, 2006\r\n Bugs: #117481, #117494, #117495, #115789, #118665\r\n ID: 200601-17\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nXpdf, Poppler, GPdf, libextractor and pdftohtml are vulnerable to\r\ninteger overflows that may be exploited to execute arbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nXpdf is a PDF file viewer that runs under the X Window System. Poppler\r\nis a PDF rendering library based on the Xpdf 3.0 code base. GPdf is a\r\nPDF file viewer for the GNOME 2 platform, also based on Xpdf.\r\nlibextractor is a library which includes Xpdf code to extract arbitrary\r\nmeta-data from files. pdftohtml is a utility to convert PDF files to\r\nHTML or XML formats that makes use of Xpdf code to decode PDF files.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 app-text/xpdf < 3.01-r5 >= 3.01-r5\r\n 2 app-text/poppler < 0.4.3-r4 >= 0.4.3-r4\r\n 3 app-text/gpdf < 2.10.0-r3 >= 2.10.0-r3\r\n 4 media-libs/libextractor < 0.5.9 >= 0.5.9\r\n 5 app-text/pdftohtml < 0.36-r4 Vulnerable!\r\n -------------------------------------------------------------------\r\n NOTE: Certain packages are still vulnerable. Users should migrate\r\n to another package if one is available or wait for the\r\n existing packages to be marked stable by their\r\n architecture maintainers.\r\n -------------------------------------------------------------------\r\n 5 affected packages on all of their supported architectures.\r\n -------------------------------------------------------------------\r\n\r\nDescription\r\n===========\r\n\r\nChris Evans has reported some integer overflows in Xpdf when attempting\r\nto calculate buffer sizes for memory allocation, leading to a heap\r\noverflow and a potential infinite loop when handling malformed input\r\nfiles.\r\n\r\nImpact\r\n======\r\n\r\nBy sending a specially crafted PDF file to a victim, an attacker could\r\ncause an overflow, potentially resulting in the execution of arbitrary\r\ncode with the privileges of the user running the application.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll Xpdf users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=app-text/xpdf-3.01-r5"\r\n\r\nAll Poppler users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=app-text/poppler-0.4.3-r4"\r\n\r\nAll GPdf users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=app-text/gpdf-2.10.0-r3"\r\n\r\nAll libextractor users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=media-libs/libextractor-0.5.9"\r\n\r\nAll pdftohtml users should migrate to the latest stable version of\r\nPoppler.\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2005-3627\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627\r\n [ 2 ] CVE-2005-3626\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626\r\n [ 3 ] CVE-2005-3625\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625\r\n [ 4 ] CVE-2005-3624\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200601-17.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2006 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.0", "edition": 1, "modified": "2006-02-01T00:00:00", "published": "2006-02-01T00:00:00", "id": "SECURITYVULNS:DOC:11253", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11253", "title": "[ GLSA 200601-17 ] Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDKSA-2006:005\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : xpdf\r\n Date : January 5, 2006\r\n Affected: 2006.0, Corporate 2.1, Corporate 3.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n Multiple heap-based buffer overflows in the\r\n DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions\r\n in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier,\r\n allow user-complicit attackers to cause a denial of service (heap\r\n corruption) and possibly execute arbitrary code via a crafted PDF file\r\n with an out-of-range number of components (numComps), which is used as\r\n an array index. (CVE-2005-3191)\r\n \r\n Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01\r\n allows remote attackers to execute arbitrary code via a PDF file with\r\n an out-of-range numComps (number of components) field. (CVE-2005-3192)\r\n \r\n Heap-based buffer overflow in the JPXStream::readCodestream function\r\n in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier\r\n allows user-complicit attackers to cause a denial of service (heap\r\n corruption) and possibly execute arbitrary code via a crafted PDF file\r\n with large size values that cause insufficient memory to be allocated.\r\n (CVE-2005-3193)\r\n \r\n An additional patch re-addresses memory allocation routines in\r\n goo/gmem.c (Martin Pitt/Canonical, Dirk Mueller/KDE). \r\n \r\n In addition, Chris Evans discovered several other vulnerbilities in\r\n the xpdf code base:\r\n \r\n Out-of-bounds heap accesses with large or negative parameters to \r\n "FlateDecode" stream. (CVE-2005-3192)\r\n \r\n Out-of-bounds heap accesses with large or negative parameters to\r\n "CCITTFaxDecode" stream. (CVE-2005-3624)\r\n \r\n Infinite CPU spins in various places when stream ends unexpectedly.\r\n (CVE-2005-3625) \r\n \r\n NULL pointer crash in the "FlateDecode" stream. (CVE-2005-3626)\r\n \r\n Overflows of compInfo array in "DCTDecode" stream. (CVE-2005-3627)\r\n \r\n Possible to use index past end of array in "DCTDecode" stream.\r\n (CVE-2005-3627)\r\n \r\n Possible out-of-bounds indexing trouble in "DCTDecode" stream.\r\n (CVE-2005-3627)\r\n \r\n The updated packages have been patched to correct these problems.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Mandriva Linux 2006.0:\r\n 9f0d2d83c61f4cab871138ac2866dd30 2006.0/RPMS/xpdf-3.01-1.1.20060mdk.i586.rpm\r\n 51daa161fb5581aba221d4be39c5acbc 2006.0/SRPMS/xpdf-3.01-1.1.20060mdk.src.rpm\r\n\r\n Mandriva Linux 2006.0/X86_64:\r\n c0eb562149fe7025798ce38ef361d9c7 x86_64/2006.0/RPMS/xpdf-3.01-1.1.20060mdk.x86_64.rpm\r\n 51daa161fb5581aba221d4be39c5acbc x86_64/2006.0/SRPMS/xpdf-3.01-1.1.20060mdk.src.rpm\r\n\r\n Corporate Server 2.1:\r\n d35b8a8e201185bff3b6acfa9c3b9186 corporate/2.1/RPMS/xpdf-1.01-4.10.C21mdk.i586.rpm\r\n 1f5f85d3bc3577b1141d3ea54015b63a corporate/2.1/SRPMS/xpdf-1.01-4.10.C21mdk.src.rpm\r\n\r\n Corporate Server 2.1/X86_64:\r\n f1a715d6a7fe797d09cde9dff6db4800 x86_64/corporate/2.1/RPMS/xpdf-1.01-4.10.C21mdk.x86_64.rpm\r\n 1f5f85d3bc3577b1141d3ea54015b63a x86_64/corporate/2.1/SRPMS/xpdf-1.01-4.10.C21mdk.src.rpm\r\n\r\n Corporate 3.0:\r\n bfb96e34ea12293b22cd766b61da64fe corporate/3.0/RPMS/xpdf-3.00-5.7.C30mdk.i586.rpm\r\n 1e4153bea0ed2092819aa88dbc67ade4 corporate/3.0/SRPMS/xpdf-3.00-5.7.C30mdk.src.rpm\r\n\r\n Corporate 3.0/X86_64:\r\n 0eb5eba5d264041cd67931add3d6e841 x86_64/corporate/3.0/RPMS/xpdf-3.00-5.7.C30mdk.x86_64.rpm\r\n 1e4153bea0ed2092819aa88dbc67ade4 x86_64/corporate/3.0/SRPMS/xpdf-3.00-5.7.C30mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.4 (GNU/Linux)\r\n\r\niD8DBQFDvaFkmqjQ0CJFipgRAk6mAJoDurXI2mjmzo+9721J+hFNREosUQCgo8tO\r\nke9lBlrFo2PfLgCfaOGWijo=\r\n=fq3D\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2006-01-07T00:00:00", "published": "2006-01-07T00:00:00", "id": "SECURITYVULNS:DOC:10913", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:10913", "title": "MDKSA-2006:005 - Updated xpdf packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 961-1 security@debian.org\r\nhttp://www.debian.org/security/ Martin Schulze\r\nFebruary 1st, 2006 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : pdfkit.framework\r\nVulnerability : buffer overflows\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624\r\n CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\r\n\r\n"infamous41md" and Chris Evans discovered several heap based buffer\r\noverflows in xpdf which are also present in pdfkit.framework, the\r\nGNUstep framework for rendering PDF content, and which can lead to a\r\ndenial of service by crashing the application or possibly to the\r\nexecution of arbitrary code.\r\n\r\nThe old stable distribution (woody) does not contain pdfkit.framework\r\npackages.\r\n\r\nFor the stable distribution (sarge) these problems have been fixed in\r\nversion 0.8-2sarge1.\r\n\r\nFor the unstable distribution (sid) these problems will be fixed soon.\r\n\r\nWe recommend that you upgrade your pdfkit.framework package.\r\n\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 3.1 alias sarge\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1.dsc\r\n Size/MD5 checksum: 725 67fb49e4f05a6eef25396d23ca0baacd\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1.diff.gz\r\n Size/MD5 checksum: 5699 61578e6e26adf73639b464210830896b\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8.orig.tar.gz\r\n Size/MD5 checksum: 1780533 7676643ff78a0602c10bfb97fe0bd448\r\n\r\n Alpha architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_alpha.deb\r\n Size/MD5 checksum: 1821874 8fe74b91409115b4547ba273501e8f79\r\n\r\n AMD64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_amd64.deb\r\n Size/MD5 checksum: 1796698 c6f96adecd322a60d77379d1513b26dc\r\n\r\n ARM architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_arm.deb\r\n Size/MD5 checksum: 1756056 8632f1ef914df5fcc3b6c3f6dc9ce459\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_i386.deb\r\n Size/MD5 checksum: 1750384 f000dee97e83dbe85941c1305e689ef2\r\n\r\n Intel IA-64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_ia64.deb\r\n Size/MD5 checksum: 1980936 dce8ad12b1ce0e5e097c51243c68f749\r\n\r\n HP Precision architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_hppa.deb\r\n Size/MD5 checksum: 1862404 b4b0d1a421d02987330502e4a653e6a9\r\n\r\n Motorola 680x0 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_m68k.deb\r\n Size/MD5 checksum: 1785734 1c14679aba2cd8cd8bf7aabd42db1cf6\r\n\r\n Big endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_mips.deb\r\n Size/MD5 checksum: 1769138 6600cf166ba6ced0b6c067338f9565c1\r\n\r\n Little endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_mipsel.deb\r\n Size/MD5 checksum: 1754778 0539c52303cf950f3ea66f78eb875449\r\n\r\n PowerPC architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_powerpc.deb\r\n Size/MD5 checksum: 1770876 a8098242afc68c1dfd0c2141f95d88f5\r\n\r\n IBM S/390 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_s390.deb\r\n Size/MD5 checksum: 1804716 88af5f5ab641839eac628f9dd36e4509\r\n\r\n Sun Sparc architecture:\r\n\r\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_sparc.deb\r\n Size/MD5 checksum: 1779964 c07986d5367f97f1598d7e2d592fdc40\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.2 (GNU/Linux)\r\n\r\niD8DBQFD4GGxW5ql+IAeqTIRAvQiAJ4xOAQr4GcVkPcKAGIlXuLVh+cDOgCdHp19\r\nWLOiQcmij8udAgyvS0Y7Jw4=\r\n=Fs3s\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "edition": 1, "modified": "2006-02-01T00:00:00", "published": "2006-02-01T00:00:00", "id": "SECURITYVULNS:DOC:11258", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11258", "title": "[Full-disclosure] [SECURITY] [DSA 961-1] New pdfkit.framework packages fix arbitrary code execution", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:15:48", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2006-0746"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1008-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMarch 17th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kdegraphics\nVulnerability : buffer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2006-0746\n\nMarcelo Ricardo Leitner noticed that the current patch in DSA 932\n(CVE-2005-3627) for kpdf, the PDF viewer for KDE, does not fix all\nbuffer overflows, still allowing an attacker to execute arbitrary\ncode.\n\nThe old stable distribution (woody) does not contain kpdf packages.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 3.3.2-2sarge4.\n\nThe unstable distribution (sid) is not affected by this problem.\n\nWe recommend that you upgrade your kpdf package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge4.dsc\n Size/MD5 checksum: 1319 43ac45170bb03f24c1be932f3beec501\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge4.diff.gz\n Size/MD5 checksum: 159241 9d94b3cba4d2d2fb5b214ff5b5474571\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2.orig.tar.gz\n Size/MD5 checksum: 7661488 6d0bb2c6e2e2f666d123778fbc520317\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge4_all.deb\n Size/MD5 checksum: 17692 1fd89fbc3b1072a80806818830beb09e\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 92562 9756cb10bad8978c878b6da475f5eb0e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 109134 2a1bc7799e7c9031a11201db94639ae0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 65048 4ccccb6a0d038476996fbcc9f2741e39\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 276348 d189ebedfc3724fc349b11a73d76f42a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 497636 cba504f0977a2aacae8c8e0372657eed\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 149382 b58fb0b7529c9e619fc55b92c3f0c0b9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 93010 c04d7190578341742f9077c219df8120\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 246026 042a712f9cca7460ae706f4f080038de\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 159650 feb5a00005e8b17b905304e028fad7cc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 244612 6901c4aeca5c4a0d2d19aa673dff9608\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 831252 0a65b6094e8d00922c5fa27a7c70f08a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 774118 b52f9da62fc434195fcd1282071cedb9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 534596 c584bd053abf9f7f1bb3978e2a6ee14c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 2317606 405e0561885de7f3e90b3f045c7a6955\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 63458 1e766cf8f2384f66a7666a6cac43ffd0\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 103144 0d78edf28f8f97741c6a0a16fdc23b9f\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 1357698 d1a88595ecceda9f4c97a1f5079bafc3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 483848 9ae8c75611924205d7ddea124ce8b268\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 695462 90e9a004ae39baaf02a1568e174d995e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 183922 10c4630a3ebb80db7e555f21095658da\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 33168 2c1607aa7735f0dd542a02ba898de2b3\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_alpha.deb\n Size/MD5 checksum: 148284 081b1391f03fefe0988d6d33606e02b3\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 88026 4d88a9462ab550add629627d51e32f75\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 100350 2e9b10b88ed8c72692d5f41f8f8781b7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 65038 21df21b342491a6956fb98403e71093e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 252176 aaeabe2aca7974c32f3dd6b4429b5236\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 485764 ad86133b87c72eeedc48e6d3144a6735\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 144950 0a642dcb3ba0fa758514d31a7f2baa77\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 87916 92ed2db741ccef4c30f1a2c5c25e57c2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 234036 80cf297fd0dac6ad3c0b55cdc324c3df\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 143550 f5dfa981bb82628f09e38cecb0877451\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 233954 8d1c5e0be4e20ce4eebb328cd9dd3d3e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 768020 d2bbe335546533e3d1b6af8e8497064d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 759692 aedd3d6b8058673dcd506816a5714f3f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 485872 dcdfe1849792287b457a1c038c27ef41\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 2233442 63e9cd59c6c4bbc6c95e116c087142d7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 63206 0163281e8b9e72cfd67163a9eb4bfc63\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 99880 761a663c65c1ac98084a74a6dce1e6de\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 1223498 4b993c2e1b377d7a2633b9a7f11a85e0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 477694 ee44ff335ad30fd9a01cf8580934d0c5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 678692 f631284460d12b500e349af93a8ec015\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 173280 966c943ad1b09bf84c8edd723b7d0212\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 33156 3459935d2acdcf4d333e92fe6a9e4bc9\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_amd64.deb\n Size/MD5 checksum: 140224 3b2cfbac05becafeaedec7bcbbfca57f\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 82442 68ab11d403222d366689c8aba7541d6e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 88508 7acfa3d0c3871ab370f8dbad3fa7b3a9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 65054 e6087f69c4805ddc09ddea9290c343ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 223048 f2609bd03e5bc367b809de85c2c5f2e3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 471350 18aa01e23124dfb0eb75b6351c6aba07\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 137314 d4a65fba98545ed647ac9fb17ffba630\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 85022 f9e36d0aabfb5fce610cc27fd3a0cc39\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 217586 51906b1b9c151f5f874f4c4aae74bb75\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 127616 be6c7a1d0abac9a3ad0ba833f6248bd4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 210338 ee54797b603cf53a683d795a232e4182\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 712276 73ec0b0296372d4e35ce99634571e86b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 739730 e5c5ab1cfc12dc4afe7e77e80d250e52\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 424202 2149f233ff9628619f85e4d876f3d2c5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 2095236 fb1fe350df8952d70873b0a4583bd58e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 59302 c038aee2191e497a416e8c2a6d19201a\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 93412 eda14f15ab8e1587d2a5e0ea55c42f26\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 1310524 c3667b13016a8315a4bb338223b4dcc4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 465522 33cda8f09e6bc106dbdfc2b1d3833075\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 641364 b0a71aabc394c924141a611053dbe272\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 155200 aae5175ab93f275ce0a52296a3c07ef0\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 33164 c60466c375e0706db80ddef7097b33d4\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_arm.deb\n Size/MD5 checksum: 124262 84a12af49bba3c1efba20a06fa0eac89\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 85974 1756693296e8a4fff6032de0b14f66fb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 95482 2d5250662da572fd6e6cbf81eed65233\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 65028 d5af7d9e9ba151841b20dc99118c4dcc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 222074 3d3e6a4b4fcf95deaa1b0618bd8b3221\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 483920 0ce515e7889de610ca0c13d3b04d8e7c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 140518 98c333d6fdc6127e6dd20b58ae9f5e77\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 85924 7ced78d771ba3e3dcf05c822180b8b60\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 227494 7599c5a75c02cc9176e242cadd6eec2c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 136006 9023dd096f8d7db71a8c5e6238b4f982\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 221810 fe6428bc416758917952e8d5d66bf17c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 748378 94623ef737085b71da29da266d576e9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 750768 db76d0b5c63d84c8fda28afd628644b6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 452156 6339c8202d78857bb82da6d433de0674\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 2205690 2a1a96ca8e376c1b8533c4c4a439723c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 62596 3e12b86f50547e2755c863d87dea3624\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 97280 b80e1e4a50bec1b2cfcad06c616cb68c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 1220876 2c48a65cfd398c6faee37897fda517a6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 472086 b9a9ed2e04243cb6b41b66831f7f512f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 643512 5c9bcc4f800d2db983f9424123d97cb5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 166966 3b4df91a0ff430e96a2e8d7a39bcb68e\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 33170 951d234557a06fca3172dde88afc9baa\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_i386.deb\n Size/MD5 checksum: 134572 a10fa045a2f0cf44dbaa2fae01b89f23\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 102470 2a65ac0c00ab18a60f4659bf49914951\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 117854 ec8f9ca1bc4dab722174f50cf4ade8c6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 65042 aebb7456ef0058fc52353b0fa7cc70ef\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 322984 46a0708ab2460bfc0185bb7c37a2183d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 540674 ba2a6007c06bbc80c732dbbe9c7b10db\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 160144 90f156c419866d0948cdeecc19553b66\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 103992 18375b66e303f0e5909446fc3036e413\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 280868 b405b7d88d19d39511e09df166796524\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 176242 6e4591918a78b476f1c9e82bae646488\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 277368 edd217608512c888ade313edb50c2449\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 888484 3214bfa6147e30543b102d9a83c66bfe\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 799058 77098d0a472bc4670c96a5fca475ad74\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 629522 16c1523a13bd0e4d6a79934a6eee3026\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 2537924 8932876ac480240c67a42fd499a43a0f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 67838 14e2fdfab6e883fa56440ad38fdf4af4\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 108222 69a6d19bdcf50e353ec73be3be1df1c9\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 1417188 6c67cd531543eaa50f2c20be73e1bb6b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 501652 913771b82fec36d109f4066246232c2c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 730782 899bd8bb29f31c8f135eb3c57b5cfdd4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 205816 6460c1d539a4c5351ecbc47c04c2914d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 33158 a36fce4d5feb1ac2a128ba8117846a28\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_ia64.deb\n Size/MD5 checksum: 170576 ae2d05936b52fdf647a0c41b8733e3a6\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 93286 d5fd68c71374c2d0cc69b9dfe9e660c6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 101314 aa521b29722ca3d5bb17ac848c8efbd1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 65044 69a61354b6e941112b1d8d035afdba73\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 271012 8ab9d8029dc091be6f13fffde0e31e63\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 505442 3fb5f3a4e9d498c3493b5059ba0182e6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 146274 ffa50661379862b2e5308b70fc57292e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 93280 c906dc7651f37c29c1b8d372c0404f0a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 250276 8aff2a9d66addefa83ad1bf1cb742a32\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 146428 b25068917acda0d82e6fc87e4aba01c3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 246094 6acbf623b8bd458749843faa2c3d4237\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 796984 536700951c136a15094628c546c73b97\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 757554 6822638b582ceaf76b2fa63348030952\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 535238 38a57140a0067daa1c6dbbc04679d6ff\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 2371610 9acc9ce49e18bd15653875e78bbe4125\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 61548 4a074bcec35028d1a0f6c72fce6a39ea\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 99262 7e10abb66dc0dbe48ebdf9c434a48b2e\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 1563088 fc915f2b573f8c43c1183701e1fa4298\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 485116 a1af93c3051d3922cf789a436d50b0dc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 700930 80afd63eb36229a829d8e572e7d62cd0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 183906 ef5c8452772d3f14cc4a34d9bf84f3f9\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 33168 7994c2f888708577449b12a3f08e5e7d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_hppa.deb\n Size/MD5 checksum: 148064 64e847426cb707874230818e67d4b2e6\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 85432 b3c0dac6c9290f57662d0c7930c27fe9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 91156 62ce9f0e343c7a9c6ced61cc255f56b5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 65072 ea003e378d279b0b3b37bc389e5f52a8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 229594 3ad61a67340bd0d6b67e99e5e5f048bf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 477008 94fd9b62308fa3fedab05cb8d349680c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 138580 a55e5483d64f84e82ea74c1637d925f3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 85236 566cb3d7917602c15b81d0ad462d26c7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 229418 9089fa4ddbea7ac9b67f6a7b67b96aa1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 128676 2b5c0c1086ad6e7390c0b5ed8a0cc355\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 223676 c6ad2481615f96d05b251c3b229f5737\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 705128 08f1c4f8e3752e9cceac0169303e4ea5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 743214 a3965f390a427bd19154fe9c52146acc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 447462 cad16497a865bfadfbecc22a48586722\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 2148828 8d3fa1f4574c67844db7db83863f269f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 61314 e6aade9bc9f553544e78f789d95eff6f\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 96692 afec4cde283b2810f32480459d1a9f61\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 1316020 58f1ab6285b0f1bec64020843df1198f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 475874 406c0846a90467119d4dc392eb4aa411\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 682584 197d1d823896c045a334bd9980f85784\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 166342 5e7c9807b5653d1fc5933d83f64f914b\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 33176 ef25017cd5714288433676bfe0263009\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_m68k.deb\n Size/MD5 checksum: 134022 eb9456b025a5236f7adfe2e8c97a1617\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 79774 09f357395bec690d30d0887c0b36090a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 102568 d894e8f7cbc98d4f3463de66c53a95b9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 65046 a473f854802cda1695a43e4675a78226\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 217976 ed103135943eec1edb23470cebbbd5b7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 461068 247536c191a58d69e54677e7ddca43ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 140578 c32a0cb7860065cdf4915e3883675684\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 81890 503f4545c36731657b0ff4b1c430162c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 215766 d57fa3fa20f974cc39c70d648f74b8b0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 146258 e1b83f01c7d372b71433e1ba91043dbe\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 204082 606b3e4251b4fa80d6c0c6c92f6b4c2f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 788042 444a4520b8a7cd06ac861745878dd510\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 756238 1ddb9b15b4ac13f8710641a75670977d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 455888 00e5b2ae1f5a630c70098e24003a16cf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 2057418 7e74486e6837b7ae09abb016a825dc50\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 59330 2cc420e015d6bc01317b4d014eb0af8b\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 97790 0f4bdaa17a06e11baa9f7c539327ad8c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 1127086 a16c8c2dae1354c394ccd2db5bb29f7c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 463684 d0e642e67515ba14f8d4875c1e1daa67\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 649824 77295251015fa5daefcb85a6cbe74d82\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 156842 d64dd383fa52f6a27db3b8036dc0679e\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 33168 0a0fb5680c820e7f5835719db5504f1c\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_mips.deb\n Size/MD5 checksum: 124622 c13ac16e1b01eb7ca617db8768f3475d\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 79160 abe283246285f448fc34e8340821e64f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 101692 c55bfad06578e7f46fe08c0a8c51e321\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 65072 8003fabf16cce56e2cd004de02f84309\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 215908 ff8ed0ad30d7826f9b87c9f247496c09\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 459716 f3843df9d4ecd46d1878afee3cebbdc5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 139630 a62e218ec8c40d3e9a607c07ae14ad11\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 81426 4e326473cb4db4e84d0c49a410cbcdbb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 213316 acc7526fd0c25f0d82e589706f754e90\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 144622 ad7cf47e9307500b78ea4d22a57c3454\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 201722 c58fd154de233e4dcee14b91da74d835\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 785326 d32d372d562aea929b09766ab0a78e9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 754360 323af108468a38efa8ec34ab08b64026\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 446912 85523fd2b699f97e771cf6043b1d457e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 2046092 be23a22bdb4b53c13b1930a1f15e6227\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 59158 9e2a79e60465852ea04e0e78bd60d085\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 97256 942aa490847ba5e378885a5b5ed91fa1\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 1101846 ce15c56081db29a5937c06f7d094ff06\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 461942 f2a778af67849c021ce6d7160d4667bd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 647408 91a01f6c2f3a9e024b18d13ac94a42dc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 154732 458a80679f4d96247aed0f0878772f46\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 33178 3023e9aaf5d8aa4cc35cab48200363c0\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_mipsel.deb\n Size/MD5 checksum: 122472 bbf36cc5021e078740123401a181ef10\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 84724 6037e29804dfd866c4eac9d39f8369a3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 94680 cf8ec6d89b2b56d5356843b2f3ada8ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 65060 7208dba8e79f32e167a559c459054073\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 249610 31f63e4a45a215b442c3cd7f4c0947d6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 474690 861ef8b2ca9d48b4f1e9545f8ab2c44f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 140762 ab78d8c186ed2e5c2a00ca6b3cef45b7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 85296 c32910482440badba9e3efa956a3b123\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 224910 fa7f74a058db489ad50d754b5887fd64\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 132606 a60b1f29be4998307bb41a07604ac742\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 222278 0fbdb9cd12737a20a6c11992b6661299\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 725430 9129f3155776af14b55871a5a0e3346b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 744278 a7e90b8f824fdec74aba0978b2759f47\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 467604 2ee64d48f03ff4f88aba72f8d7f4d969\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 2142416 3b4c86ec2b3e562d1ba9dc2b401cd2ed\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 61100 c358d01ead5b13f4d6686c4c36f210ee\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 95622 c4674e4cc2cbbede5aff6670f7a5112c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 1191144 deef602c795bfb6d63b3182426521710\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 470266 aeef8d8253eb08b3289cfe5ec596863c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 676384 633dd625681957d316d8b635d429a6bb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 161844 fec7d51324e0e7370b7eacd8ddb3f09e\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 33172 8987d11da66b4464c110af954556b217\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_powerpc.deb\n Size/MD5 checksum: 132302 241b11904431c16381163c4f1e35700c\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 89936 62cd7322dabae6b88a9abc5ae0f1942c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 98386 b222a21fa74a7e682e60f362ec8bd890\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 65046 60cb4277c86b050d0d2bb2f44df6adea\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 236560 6eb5dc0ce7a1bf800ac4418cac87a3cb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 485064 3fb26a3d6a33f93991a438c5bb81777b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 145442 c3eaeec4f4e5dc61b87c7b22dd91bbcf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 87202 2b09f3c323bd1bdb843b9c5494819ac0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 244178 eb417a619133076e467e4bac2ab9905c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 140900 96d3677702fa016ce5a5c272fd27c33d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 239758 452a9f1998de906bedcff444a18eb493\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 766000 d0d3d68de76b8d5e7a516d69380ac154\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 755660 b0f80b87818de1e228b75d799bb91c7d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 496598 299ca5d1e89e5f533aeb3db4afa6da60\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 2195718 93d4cab12e954d13aeffb82bc1cdcc89\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 63104 7a25f794f8719633ceaa1287d94bee24\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 100778 62fc8f77d6b4b08a16384588251230a1\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 1192608 57cafeb10e0ec86f481fda4eaaf8eccb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 481786 d2fed825bc1a10781b1e12c49de448d4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 682790 cd70d2e6f37a3f6efee37ea4bd70c210\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 176752 79e312d842cdcfe6fdb21c5849a9c939\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 33162 47a2422bac308daca3029dd01593493b\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_s390.deb\n Size/MD5 checksum: 142278 68b69061b5f8636b1ff8a284591e2e84\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 82352 e03b54e3124dcc4bd7f4b444d2e610a5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 90776 b240985ad725293128dcceb26dd6c44c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 65054 90050489c4fa05d107f55b32f4144b8c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 219254 f192808a093675277f3d931704755be8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 477572 05c9dea86aed5881325b16d2a7d7df62\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 138008 63b2d5fffa14eb0caffc5d0095ba3ed4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 83268 89f716836b7e6a85ec2ce6fa56c0892d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 223836 944c5b94ce16f6cd3931bc218764f487\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 130580 1921fcdaf9d90e13c4f3da82de7b2f18\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 213648 68b0a6f0baddf1e2032bfc2b3833d5ec\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 714230 7957a935770c97396e12ce644fd502ac\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 744080 8c79acdb476e329532975e5f2a3ac95d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 451512 29a8b87d8d24a94af96ae6958e2609de\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 2142590 7c5759a4ae9323dd474fbd7530939ee8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 60228 a44259aedf495da6b217037b1b3679f0\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 95150 c23cfc9ef44b36f50ded5f457e37f842\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 1175366 eded09038d159500ccfa6079272f3187\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 469254 ddded883c33b3133c5adc0a06d88aa35\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 639774 44946f15c808bd0d4ee069895e6dd1f0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 160352 2be29f85d7d7bfb13bdb8c07416d856f\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 33166 02c114654ebfe1179ce2ff5f2b20cb97\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge4_sparc.deb\n Size/MD5 checksum: 128806 f22cce0b1d9c832ee1654d992a1a5aca\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 9, "modified": "2006-03-17T00:00:00", "published": "2006-03-17T00:00:00", "id": "DEBIAN:DSA-1008-1:0FC6C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00088.html", "title": "[SECURITY] [DSA 1008-1] New kpdf packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:46", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 940-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 13th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : gpdf\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3624 CVE-2005-3625\n CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\n\n"infamous41md" and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in gpdf, the GNOME version of the Portable Document\nFormat viewer, and which can lead to a denial of service by crashing\nthe application or possibly to the execution of arbitrary code.\n\nThe old stable distribution (woody) does not contain gpdf packages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 2.8.2-1.2sarge2\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your gpdf package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2.dsc\n Size/MD5 checksum: 1663 9e806f6e5ea32832199a8c5bf779266b\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2.diff.gz\n Size/MD5 checksum: 35176 0e59e244b5e3a574dbba224b7e5e1ed0\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2.orig.tar.gz\n Size/MD5 checksum: 1245535 5ceb66aa95e51c4e1d6e10cb29560ff9\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_alpha.deb\n Size/MD5 checksum: 867712 45327b4e841190f1dab26a4e9dace7c0\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_amd64.deb\n Size/MD5 checksum: 795140 33092f6e73e3056896e0a5af95f4c2b8\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_arm.deb\n Size/MD5 checksum: 781120 be1749c2f690fd09e40eeba5bf73048c\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_i386.deb\n Size/MD5 checksum: 781584 aec07b37f0194b7e7893110a5f3b918e\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_ia64.deb\n Size/MD5 checksum: 957948 2f0c7287a291f6cc868ce42e50ff0115\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_hppa.deb\n Size/MD5 checksum: 859552 37496bf703c8740fac26efbad4ec18b3\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_m68k.deb\n Size/MD5 checksum: 745444 1dd485e125aba53e6b2db3022a3af6f4\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_mips.deb\n Size/MD5 checksum: 818276 1f5e2bdac04517fb9b3f7256c6737402\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_mipsel.deb\n Size/MD5 checksum: 810922 3f2493da946064a82707e27231819af8\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_powerpc.deb\n Size/MD5 checksum: 799428 2f70be4773f1456a68f3eb1857bdc9fd\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_s390.deb\n Size/MD5 checksum: 775768 cb5ac7d4105b5e8584ad839d70a7e482\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/g/gpdf/gpdf_2.8.2-1.2sarge2_sparc.deb\n Size/MD5 checksum: 763556 d44d1d73c018018a5cd7e587636ae8d6\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2006-01-13T00:00:00", "published": "2006-01-13T00:00:00", "id": "DEBIAN:DSA-940-1:EE1A6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00013.html", "title": "[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:12:36", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 937-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 12th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : tetex-bin\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3624 CVE-2005-3625\n CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\nCERT advisory : \nBugTraq ID : \nDebian Bug : 342292\n\n"infamous41md" and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in tetex-bin, the binary files of teTeX, and which can\nlead to a denial of service by crashing the application or possibly to\nthe execution of arbitrary code.\n\nFor the old stable distribution (woody) these problems have been fixed in\nversion 1.0.7+20011202-7.7.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 2.0.2-30sarge4.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 0.4.3-2 of poppler against which tetex-bin links.\n\nWe recommend that you upgrade your tetex-bin package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7.dsc\n Size/MD5 checksum: 874 4fe4cb1a4bb2d39afc7f92948bafe6af\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7.tar.gz\n Size/MD5 checksum: 10328904 be3ba73c70f6c50637069868c56a7d9e\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_alpha.deb\n Size/MD5 checksum: 84666 14987fa20077b5ce0a10f64d0df7e25f\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_alpha.deb\n Size/MD5 checksum: 53260 7736b2f52cbdd476e8d4b8339b5d8b72\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_alpha.deb\n Size/MD5 checksum: 4569310 e5063538a36c4fd7aa514f2e8711aea0\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_arm.deb\n Size/MD5 checksum: 65270 472d8a8a0f9823eab4b57a9a95515c01\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_arm.deb\n Size/MD5 checksum: 43782 d2dde880cf11acfdaa89d51dbc3735d5\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_arm.deb\n Size/MD5 checksum: 3704454 62ecd37b4548deed4aa633083eda9e3a\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_i386.deb\n Size/MD5 checksum: 62610 b019a923fe66e306fe5864373f35e24a\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_i386.deb\n Size/MD5 checksum: 40920 f42ec41bd53e2a99315aae7f3dd5657a\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_i386.deb\n Size/MD5 checksum: 3137616 24d0d5e485fd32f004aba99607d5b267\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_ia64.deb\n Size/MD5 checksum: 89722 3ff4685d8757f3f34f69d1d3038b99ee\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_ia64.deb\n Size/MD5 checksum: 63476 2d5255d1a7e38287f68692f0fe5dd171\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_ia64.deb\n Size/MD5 checksum: 5599966 6cd21572aad64c291f728cfd8ddf5753\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_hppa.deb\n Size/MD5 checksum: 79344 6cd09b3241459a76bc333ec2cca26eb3\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_hppa.deb\n Size/MD5 checksum: 49540 042b7d2e4889fbed4165d86e3841c396\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_hppa.deb\n Size/MD5 checksum: 4107634 2253868a707890f55508be0a8d2b5084\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_m68k.deb\n Size/MD5 checksum: 61938 328fa7a34388dbdd0bf3d77199f46e83\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_m68k.deb\n Size/MD5 checksum: 41538 6e3a03abbf8382b2aaed4abc95115e34\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_m68k.deb\n Size/MD5 checksum: 2923636 fcd6d90ba74b613de76fd32834c2f250\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_mips.deb\n Size/MD5 checksum: 75074 410d60865596a9e67e0dc721b703610e\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_mips.deb\n Size/MD5 checksum: 42556 9a09bb7af1668ce16cee128f67d2da50\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_mips.deb\n Size/MD5 checksum: 3941504 a6f1b0d37fc2f6dcbfd9d6c245551cf1\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_mipsel.deb\n Size/MD5 checksum: 74864 db91b18d0295fd07a1771f0fdc910730\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_mipsel.deb\n Size/MD5 checksum: 42760 293b2e9ea53c8664208b4eaa5d7d038b\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_mipsel.deb\n Size/MD5 checksum: 3899710 d160c22beba8a431496557b59218ebee\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_powerpc.deb\n Size/MD5 checksum: 73944 edc0023d5a5f6c7810e5e39518e9075c\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_powerpc.deb\n Size/MD5 checksum: 45460 1fa491c88047f14874e162129943a0f2\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_powerpc.deb\n Size/MD5 checksum: 3588892 ec0621101b8f88a8e6886611f476a23b\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_s390.deb\n Size/MD5 checksum: 64262 f8383550467d7d3f0dddb35694b4b453\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_s390.deb\n Size/MD5 checksum: 43938 dc3005de68ffb1f120af9b98a4138ad7\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_s390.deb\n Size/MD5 checksum: 3441798 30d05314a39832a47b3b91f900e78d10\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.7_sparc.deb\n Size/MD5 checksum: 70704 dc6dd4572fe8dc8d79d645190dd5b9e8\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.7_sparc.deb\n Size/MD5 checksum: 48910 cfe4a6905dbd392494d200a64240604d\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.7_sparc.deb\n Size/MD5 checksum: 3599016 000aa70472574b64334c612e8dc6f79b\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4.dsc\n Size/MD5 checksum: 1004 983ccc6f8176a0beedda5df8a06e3537\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4.diff.gz\n Size/MD5 checksum: 154375 3d72a9201f38d2dde021df25b6e1649c\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2.orig.tar.gz\n Size/MD5 checksum: 11677169 8f02d5940bf02072ce5fe05429c90e63\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_alpha.deb\n Size/MD5 checksum: 89842 6de1e46a20510337254c069cec4d8590\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_alpha.deb\n Size/MD5 checksum: 65424 ceb0f7a0bba00d19b0e787d465ccfe2d\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_alpha.deb\n Size/MD5 checksum: 5135466 f1ee07be1b52761c5c421252e69b5fec\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_amd64.deb\n Size/MD5 checksum: 72772 c7912ef834249631873ca38061306b32\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_amd64.deb\n Size/MD5 checksum: 61922 7601e110af324ee3cb90aec31c1a2c4b\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_amd64.deb\n Size/MD5 checksum: 4356908 4fd1dd53475b92b7d3ded8bc23a84d23\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_arm.deb\n Size/MD5 checksum: 67808 ee9b99d5159d1651f6a29768b4cf0854\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_arm.deb\n Size/MD5 checksum: 58142 48e671e8b106b363d8761b3d20acc5ec\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_arm.deb\n Size/MD5 checksum: 4300642 c8049249d1904b75c38081129bc5467e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_i386.deb\n Size/MD5 checksum: 66218 d349881df541b5f7383e5a5390ac238a\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_i386.deb\n Size/MD5 checksum: 59176 81412a2ee64924929205b718813970bb\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_i386.deb\n Size/MD5 checksum: 3939522 fe9e13180506bb76b073be1e289d214e\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_ia64.deb\n Size/MD5 checksum: 89822 abc527d1eccb607d0731be6200352e75\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_ia64.deb\n Size/MD5 checksum: 73492 b7ba1d9e84583256f33a1c5abe76162e\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_ia64.deb\n Size/MD5 checksum: 5909228 984e273287f9d5dbee2e8310ab43ae69\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_hppa.deb\n Size/MD5 checksum: 78310 0e86d99930bf65fdc9c3479089a6a20b\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_hppa.deb\n Size/MD5 checksum: 66644 21cab5ff1f28857f08b1771de7c3f461\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_hppa.deb\n Size/MD5 checksum: 4612710 fdab445f3c33ae90180d3c834044fc40\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_m68k.deb\n Size/MD5 checksum: 63502 78c53919dcfe97aedbc80b1fc887e204\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_m68k.deb\n Size/MD5 checksum: 58736 69a55de426d9e122adc441b26c9bb062\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_m68k.deb\n Size/MD5 checksum: 3600916 b05f9a5118f7028e5c437c5749bfe79f\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_mips.deb\n Size/MD5 checksum: 75558 6449710e39b1ebad2c982bcad599e7f0\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_mips.deb\n Size/MD5 checksum: 59190 d1fa5b3b77fd4a24d1bc65fb5bce6a90\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_mips.deb\n Size/MD5 checksum: 4602728 8454c9ddb3922c981e8d5cc5bf59ad1e\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_mipsel.deb\n Size/MD5 checksum: 75546 7bbac980fa4a95d71ebd4de2fe2b2b5b\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_mipsel.deb\n Size/MD5 checksum: 59430 ea2fd76fbc73cad63efef3b939c89aa1\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_mipsel.deb\n Size/MD5 checksum: 4559108 fc52f040b130e7954230cffdd91d1145\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_powerpc.deb\n Size/MD5 checksum: 74904 8a3d0d1292f0978eab3b39d6f96a97e9\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_powerpc.deb\n Size/MD5 checksum: 63372 09c6961bbf8e5280ab1f618dd443106c\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_powerpc.deb\n Size/MD5 checksum: 4382198 62e8dec6600f7fdcee4e11bc29258766\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_s390.deb\n Size/MD5 checksum: 71844 48a4bded5ebdb5719f5b72fc0bb4ea60\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_s390.deb\n Size/MD5 checksum: 63614 9fdebe54556dba9bb6fd3cdd5bab2034\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_s390.deb\n Size/MD5 checksum: 4269024 36f0cf0d6f8f73f569af231b7b47c53e\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge4_sparc.deb\n Size/MD5 checksum: 70022 7cfdf14b376e0249ae24bb77fb1ae73a\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge4_sparc.deb\n Size/MD5 checksum: 60990 f25104fe0c734c162f75876bdaf797aa\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge4_sparc.deb\n Size/MD5 checksum: 4156948 a5ae0e1018b2ddc41de89accf9aa10d6\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2006-01-12T00:00:00", "published": "2006-01-12T00:00:00", "id": "DEBIAN:DSA-937-1:2198C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00010.html", "title": "[SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:19:52", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 938-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 12th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : koffice\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2005-3191 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625\n CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\n\n"infamous41md" and chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, which is\nalso present in koffice, the KDE Office Suite, and which can lead to a\ndenial of service by crashing the application or possibly to the\nexecution of arbitrary code.\n\nThe old stable distribution (woody) does not contain koffice packages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.3.5-4.sarge.2.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.4.2-6.\n\nWe recommend that you upgrade your koffice package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5-4.sarge.2.dsc\n Size/MD5 checksum: 975 ef074154b4cd7e051accef81a1863e7f\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5-4.sarge.2.diff.gz\n Size/MD5 checksum: 21184 5acfea3a4fd7bb6ae0fa62eb6b5d5fcc\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5.orig.tar.gz\n Size/MD5 checksum: 13154501 2c9b45ecbf16a8c5d16ce9d2f51c2571\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/koffice/kivio-data_1.3.5-4.sarge.2_all.deb\n Size/MD5 checksum: 623480 c3e7b054ffeda4460ab07362c0ed6799\n http://security.debian.org/pool/updates/main/k/koffice/koffice-data_1.3.5-4.sarge.2_all.deb\n Size/MD5 checksum: 692700 0639d1e39d1c80e51501faf027af88f4\n http://security.debian.org/pool/updates/main/k/koffice/koffice-doc-html_1.3.5-4.sarge.2_all.deb\n Size/MD5 checksum: 295658 65ba876cdc62bf9be0fbdb78609a9821\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5-4.sarge.2_all.deb\n Size/MD5 checksum: 21580 5ec8554299872241ae0e644cdaf10ea8\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 923214 0cb839cf64bc1b30ed365365081f27d4\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 715420 81a2ad50ff9b43eabfa607842533787e\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 703300 a6075593a65a177b8035a52eff2f4262\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 632936 b7913745d6aa506bbccee699b85ac6a3\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 154634 6bf809320c075fed4aa8322e87ed1647\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 2307026 35dda9781d05aaa690429eaff1776753\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 59686 fc9efd26ef516cbe4900d56f737353ab\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 2603122 8c23a7fd6f33396f3a1f5b0891ee507e\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 1850948 276edd09ce53c8d1559e243d368e5b76\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 566528 1bc0b27459cffe95bbaa48ad48f0d233\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_alpha.deb\n Size/MD5 checksum: 3768700 0b237dcc5bf4901cd7ca365008a90a6d\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 860270 3e7fcfbfb3a6d7e5d299a28ddd93df59\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 681180 b920b91f6e558d14826e8abb565dc4f8\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 700636 3597c796ca571080874ac6c25c9d4488\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 588084 9f742c2c72cbd1c4e8ae05bb8fea4c26\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 154646 a87e970fa711e990e4c13056a6d0937b\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 2137518 d93213956792cb8e9b545cbaa4b3dcdf\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 58210 161caf23afae40fce7503efd4b45b5e1\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 2539954 9d1ea7870219e8efd5abf9477ca62d49\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 1758924 513f7b3078c4c5ebc771af90952f5b72\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 557912 69091d6c36f8474e85c8be9283520fff\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_amd64.deb\n Size/MD5 checksum: 3588500 3838a7554c442a0c636771811d2011d2\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 763426 30bc86611a35ab8823839257563a2df6\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 641240 1e186c54b59ec20e655dbdb0fae910cb\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 694342 05825c993ea9bcaa7e0b24bfdc1f064b\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 514244 f6a80d7552fdeb06e0a53a1a122779bd\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 154668 566d6c446906bb98f1abcb93d6dd6a42\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 2022784 40d6797135a6004ae928a573ed604062\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 56204 4a0992af20e8ff465b850ad89c78562b\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 2431040 8da8672e5fbe36c073b6c3632ae6a94d\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 1598334 fc9ee6c0ea6408bd2e92e08055a6b758\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 520966 1d0bfe21fab5a1642ff433cf56e7d13a\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_arm.deb\n Size/MD5 checksum: 3354762 a7fb7d5fdb70283457034bf6faa4c99b\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 804862 af2f48b1cbb0013a8dc46251ad9855b4\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 680482 34073c8d6b3c06bc6c9f19d02c897a46\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 697954 8619e5105184aad1528c9432722275df\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 561330 3070a93b3eedd38ff7a123e7b2c019da\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 154632 811a229c470508a810112661c52b91d8\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 2058204 8af7ebbfd7b3e4803d594b4fa46a708f\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 56504 99f4e4a60c58d616b22c8d6e08f1c7e1\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 2534664 dc8abc239a8d614ba98899349ae429f0\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 1727088 57eaf358c948812b5f472477bcbdce88\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 547992 7f9e22cc601dbb398ee0464256a4ac99\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_i386.deb\n Size/MD5 checksum: 3508274 242ae0457f77eca88faf930da4e9d9f9\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 1050284 d9476a3840c63cd56703540b94b7e1ca\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 800650 561546f07ed6e51958993430cc9219be\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 713374 b80682d35c3a32274db7c0e8733801b0\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 720614 a6d9f8e70ddaea5a3c46e390a5c8a8c9\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 154642 c8acd4348595df5a8f603ef114d590ba\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 2671170 6776cb76db4ffcfe983e1382823bbf84\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 65102 2e2e8b5157127036fae2c5ce07838767\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 2803256 d3f75f9999b5f496ee169b9d7b6b9606\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 2153606 88c4d0507cd713512771750cfb4a41d7\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 616188 893fa81e4b2731d556ce9c408125e5f8\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_ia64.deb\n Size/MD5 checksum: 4183042 d5728d1847dd35f0e138e73a7cf4bde3\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 942462 2bb1944927fd9d82f972b4c9dedd11c5\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 716224 164b266dc44c7c8a0d94185fa786337e\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 706922 c2df2eaf10502e7a21eca699a90cc05c\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 645142 aa484fbd8c0d553360ddf7d537fbd86a\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 154640 e0c5a22604a8dfcc789ad199e1fa0fba\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 2444000 452d30faa526d2a26762c828c957d944\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 62074 6d5b62ec8f2e7e80655ca26843d39bf2\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 2637714 574c360d0b3604878bc128b4e4165d88\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 1890156 b17ac210d685650f6b582d1cd0b251a8\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 580798 5aaf19cbb2adaac1850928a36d8b1382\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_hppa.deb\n Size/MD5 checksum: 3799064 5da06cec2ae41aae542ca12e8f32a9dc\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 819354 4709910c9c9f5e38bfdebe83e3ea54a1\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 644144 c20e88eec7aa28e66a2f62e58e6bcf8d\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 700368 c955d8ce055dc6394a14f216a1003ec6\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 548610 047743d21ca66ed46c287b101e2df024\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 154670 4f67792f32abb78bc8cede5513a10135\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 2077604 fcb31c2fc6fe8807c567c016d553593c\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 59774 55debcb270b212e5a18bde176dbab10d\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 2469954 89db15884f1d516f1be88618a17cf105\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 1631150 ffb96324182d0b558bb1c416887a78d7\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 539630 8b9f9a2d67b940f70c2f596379b44665\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_m68k.deb\n Size/MD5 checksum: 3450930 6312d9fbe92019c9de3f534136b007dc\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 780354 df6ddfb3fdb6946a8d3faa6ae60c0c20\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 629744 14460775cc1f7e66f75d6817d59c4a14\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 693574 42df5d8a5da4fcc265b86903bf267cc3\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 529700 54321e0761f85f16b7bfbbd6a7db0d4a\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 154650 ee8224a354ac5764f38080d973c91176\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 1870288 4d33fa7413d36c3bab0092e33cc825f7\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 56030 5b70b5840e190a560b01295420a94e98\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 2391944 4ad784a4b13f8732c38d728a41e06cdb\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 1489544 15fde5676951d277491dec4b3f484b31\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 499496 937ade0a626032bd54802eb613156bd8\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_mips.deb\n Size/MD5 checksum: 3320834 4c793e72b1bdb83d8b309828ed82e9fe\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 772678 54f8b58706358dbb6d5026da456372f8\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 625890 ca5d6cd048e4072ec1fbe1dd910324bb\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 692828 2bb41b4b46974f9fc7dfaef2a242594b\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 520454 c33c12fc8d256a5971d564501553576d\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 154640 94153efb50aeb2a5301333ffd4ec1392\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 1838940 e7aeabeadf76d7264c1130fd1e50982e\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 55784 56214fa57be7a134823217a4f749e31e\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 2377324 fce57b63b935d84a0635b354dcc26af6\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 1477730 e23cda8f7c40660a44a9cb4bf0217c98\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 496690 ec12c7e58e2e6e34ce5df9ba67a41ea7\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_mipsel.deb\n Size/MD5 checksum: 3291998 0d1e6faa3dc963cde6d38f5d320bcdee\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 832382 4faf52244ae1c081a8af8a5d65cccd89\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 658788 2e4ded7998e26b7b342051880dbc4150\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 698394 5e218573aa354d275e4329e77190cc45\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 561050 222758ba47fb662286d56fa1958dd7f7\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 154660 30af16272a8261fc7df4d45f59a2cef1\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 2024054 ece369a3582f4afd4a11eea2f681a879\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 58818 5dd4c3943029d18e85a00359ac38b8cc\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 2480338 9673fb007d4036f94892e37e921ec6ba\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 1667284 6ac7e3b368c476dce8a18ea612aa6a35\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 541366 33a37af5562ac341aad2159f3aef632a\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_powerpc.deb\n Size/MD5 checksum: 3495556 67315b9bf2e0d963b45edf675815421b\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 856662 6e2775c7fdaa884f50d0f247d1593e9d\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 663668 d35dda002d2412d348764aff87855a9c\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 701510 84fde51e060e7bf3ab0f55b4d62e8077\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 595240 01da4d76201755b0a79756d00e2c0d3c\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 154634 35a585054e536a037e08efed31584eae\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 2079654 b858e376f589f3493eaa3912ef9190ef\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 58792 44045c4858aa53af8014389c56c92be7\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 2496724 c069a2665b9422ae3df3fbd2e29c05e4\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 1667150 c16c1e9dfd38776e63a5847c480db5a3\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 528256 09d5bf6a049197ac3aca5a92a175a6e2\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_s390.deb\n Size/MD5 checksum: 3564096 cda84a85b52303f389be78a23f88649d\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 781758 b8071406f31963538cc33b765f093f74\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 654476 5f55eb494fae97b22c5da553c6c3bf8a\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 694550 60ba59f184c5fe403a074595a3b52a7f\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 540772 8394e1a16f36ef43ab98bc9b1be35dab\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 154648 aa7278a0e17ab5a4c631e70189b09bf5\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 1956128 8c82c5495b1955c6ff3e5357cb89cff9\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 55352 49bf2de681b61c77865be854ed8e2292\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 2471168 0de69e8fc69990f8706280cd07612301\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 1648972 408cb39e0f73283a0e1f538cca3ccc1e\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 523570 9f20bc1f305fdcbfada8506dfbfc3a64\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.2_sparc.deb\n Size/MD5 checksum: 3425860 db425a1a8d6a4b0c19eaf3d50162ec1b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 7, "modified": "2006-01-12T00:00:00", "published": "2006-01-12T00:00:00", "id": "DEBIAN:DSA-938-1:98E0B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00011.html", "title": "[SECURITY] [DSA 938-1] New koffice packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:48", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 962-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nFebruary 1st, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : pdftohtml\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624\n CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\n\n"infamous41md" and Chris Evans discovered several heap based buffer\noverflows in xpdf which are also present in pdftohtml, a utility that\ntranslates PDF documents into HTML format, and which can lead to a\ndenial of service by crashing the application or possibly to the\nexecution of arbitrary code.\n\nThe old stable distribution (woody) does not contain pdftohtml packages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 0.36-11sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your pdftohtml package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1.dsc\n Size/MD5 checksum: 602 c7095f7045d69bcebca90ade3f62a9a4\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1.diff.gz\n Size/MD5 checksum: 11388 17672ff97722b502d4d5b3ab804401e3\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36.orig.tar.gz\n Size/MD5 checksum: 300922 75ad095bb51e1f66c9f7691e6af12f44\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_alpha.deb\n Size/MD5 checksum: 313926 ec897e4a81702159e516e823317e8652\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_amd64.deb\n Size/MD5 checksum: 259576 de188540a99fb893584e2c9a2f1c0e41\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_arm.deb\n Size/MD5 checksum: 266372 93821a971df9623124f68216c541f307\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_i386.deb\n Size/MD5 checksum: 253790 45b7b46b375e72507ebdf83b609b9bd3\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_ia64.deb\n Size/MD5 checksum: 374010 a64d9a344341b8ff8f88ceba02a2481e\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_hppa.deb\n Size/MD5 checksum: 330128 4ccc9307617411979efbca1d594f463b\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_m68k.deb\n Size/MD5 checksum: 234598 e14153061b6f573e619f9dbd76bfbda8\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_mips.deb\n Size/MD5 checksum: 311310 067a76c99fd6f144f7c75613b37493c7\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_mipsel.deb\n Size/MD5 checksum: 307086 9890b5cec47e5e8e8ae4a9442c326253\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_powerpc.deb\n Size/MD5 checksum: 269364 9f345aa5ef3480b3d4591eeb4071bfa7\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_s390.deb\n Size/MD5 checksum: 242284 4eb6779646c115bfe6ca7e7baaaaaec8\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_sparc.deb\n Size/MD5 checksum: 245330 7dbf6432f1cc0a2e6d9b42ffa80b588f\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2006-02-01T00:00:00", "published": "2006-02-01T00:00:00", "id": "DEBIAN:DSA-962-1:55BC9", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00039.html", "title": "[SECURITY] [DSA 962-1] New pdftohtml packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:46", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 961-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nFebruary 1st, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : pdfkit.framework\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624\n CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\n\n"infamous41md" and Chris Evans discovered several heap based buffer\noverflows in xpdf which are also present in pdfkit.framework, the\nGNUstep framework for rendering PDF content, and which can lead to a\ndenial of service by crashing the application or possibly to the\nexecution of arbitrary code.\n\nThe old stable distribution (woody) does not contain pdfkit.framework\npackages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 0.8-2sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your pdfkit.framework package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1.dsc\n Size/MD5 checksum: 725 67fb49e4f05a6eef25396d23ca0baacd\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1.diff.gz\n Size/MD5 checksum: 5699 61578e6e26adf73639b464210830896b\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8.orig.tar.gz\n Size/MD5 checksum: 1780533 7676643ff78a0602c10bfb97fe0bd448\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_alpha.deb\n Size/MD5 checksum: 1821874 8fe74b91409115b4547ba273501e8f79\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_amd64.deb\n Size/MD5 checksum: 1796698 c6f96adecd322a60d77379d1513b26dc\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_arm.deb\n Size/MD5 checksum: 1756056 8632f1ef914df5fcc3b6c3f6dc9ce459\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_i386.deb\n Size/MD5 checksum: 1750384 f000dee97e83dbe85941c1305e689ef2\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_ia64.deb\n Size/MD5 checksum: 1980936 dce8ad12b1ce0e5e097c51243c68f749\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_hppa.deb\n Size/MD5 checksum: 1862404 b4b0d1a421d02987330502e4a653e6a9\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_m68k.deb\n Size/MD5 checksum: 1785734 1c14679aba2cd8cd8bf7aabd42db1cf6\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_mips.deb\n Size/MD5 checksum: 1769138 6600cf166ba6ced0b6c067338f9565c1\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_mipsel.deb\n Size/MD5 checksum: 1754778 0539c52303cf950f3ea66f78eb875449\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_powerpc.deb\n Size/MD5 checksum: 1770876 a8098242afc68c1dfd0c2141f95d88f5\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_s390.deb\n Size/MD5 checksum: 1804716 88af5f5ab641839eac628f9dd36e4509\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_sparc.deb\n Size/MD5 checksum: 1779964 c07986d5367f97f1598d7e2d592fdc40\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2006-02-01T00:00:00", "published": "2006-02-01T00:00:00", "id": "DEBIAN:DSA-961-1:46885", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00038.html", "title": "[SECURITY] [DSA 961-1] New pdfkit.framework packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:13:02", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 932-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 9th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xpdf\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624\n CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\nDebian Bug : 342281\n\n"infamous41md" and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, that can\nlead to a denial of service by crashing the application or possibly to\nthe execution of arbitrary code. The same code is present in kpdf\nwhich is part of the kdegraphics package.\n\nThe old stable distribution (woody) does not contain kpdf packages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 3.3.2-2sarge3.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 3.5.0-3.\n\nWe recommend that you upgrade your kpdf package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge3.dsc\n Size/MD5 checksum: 1317 883261a391a85afb038bb7ea2150ecd7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge3.diff.gz\n Size/MD5 checksum: 159106 1169ddf001b77319f2859c87ce482bc4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2.orig.tar.gz\n Size/MD5 checksum: 7661488 6d0bb2c6e2e2f666d123778fbc520317\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.3.2-2sarge3_all.deb\n Size/MD5 checksum: 17620 9c3f491df5dcb49a81b26062df50ea98\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 92500 5a48e6e37e72346756b6153dea64cb03\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 109094 2c0eef65ec4eeb3ed658efdbfb8783e8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 64974 7eb446cb432616cc6caa48b3eef3e6b1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 276194 7f1b3ceabb2e6bfbd3bf6286833e69a8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 497566 9a2bb4bb6e4bc14a4e37d38791d7eb21\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 149330 5ee25f6cbc684023ed30bf965d86ada8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 92958 4170a1ba0e59a2af45780bb4f45b5763\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 245964 8377a72e9f7739c74cdcb22326d48e0f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 159532 0edc3bcc04d6f54be88002bbb713931a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 244546 c2095b637627385e2630892c60b0fbb9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 831188 c9c211bd627e7466a9ac9601b3adbfa6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 774074 77de1419dadbe632654580ba685bf0f8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 534432 f5986e5949252346fcc57e5f0732b3c5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 2317542 fb2095e8e363d4d79953a899fafa6296\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 63414 0a3e195e572178fc40f0d1fd0e54077d\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 103090 acfc3b3d030f748a5b7e1e8247d90938\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 1357640 bba569d594464e09d8389f53580a562c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 483788 bf0e57bf80bafa78ece4734d16e5c720\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 695424 47141779a11b3ed4d52373d21f3d0199\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 183880 85eaebeedbb011b5ba8d237c9a773363\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 33092 294ab0b1581c856d3a05dfb4d771772d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_alpha.deb\n Size/MD5 checksum: 148226 51ca1b3297696bbe103b34c1e692f10e\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 87972 60ca2731887c79514aad0535af7ce5a6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 100302 afa754568e0f5e3b1b08208c070ea80b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 64970 13ead70c497d1abe4d8e0b64054673e0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 252140 4d3a0b70d7a21e29b598a8fdfa078e1f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 485710 ec9300643ce00f9c6194f35d5935b7d0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 144900 a98182043ec1e0ddf008a94f8e9f6b39\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 87874 459b38e1e638dcd1a402f677b0d72ddb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 234010 d591becbe09936e1d6ca04c2afc91fce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 143496 ffd0abcf446a1a5df52ff1d3034525a0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 233908 374d3456398f6c282c2e1f038d180872\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 767986 448ef8aa521118792792f0f7c9743497\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 759638 ba8104609502f55782e5b1e88a177c93\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 485858 7cebf4d6a0c863aee628c0a13ca57435\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 2233414 a4d0efeb95af95c396eecf9d34645c42\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 63094 c14bc4abc51418dd6a43c4925b7ab8ff\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 99826 e6b6c796dc699297438449788f1385bd\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 1223444 7b995aadba63947f3c16c26d60af7c04\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 477640 99e831229b3434c714bfbfe3b06d67c6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 678640 ed56083f0c5d480e6b030bbe46cf39c5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 173234 ea854daab244c805f22fab1ef00c4501\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 33092 8a0f5e5ccdec0da1715a228d6e918be7\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_amd64.deb\n Size/MD5 checksum: 140160 943f60daa34a3022cdf1e61a74be6727\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 82404 7cde7db938cb953a501d3042a1533859\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 88398 02d60aceb08f53faf77f10ae59aa170f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 64994 8039a436f88742aaef37358b86a2522b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 222994 b8e5d381f364876dd65d7f90eeb432f6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 471280 676d721e8731aa075dcb33411fe39e15\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 137266 c27349004cbc42a68a0e62f622ee6f75\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 84972 260016c06dde14b7e4e6c4dc9da6b1c7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 217514 91a5acde5bb21adc9e197f78f30c1bbd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 127548 ee8f84522aa0ea8fe92653901d40f3ab\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 210264 4f63ea87da3f3a63d6fed1935593348f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 712230 d58a0fcd3ea98346d14bc9845f3ad9bd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 739682 97d75f7b75ff91a8332d59045de83dc1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 424114 1152a75238667a9593905bbd40038be1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 2095184 7ac33f99bea7667b03ab3c1c86870c67\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 59256 deed7c4085f53831f63191526d5390e6\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 93348 40f906de514a2593d7dad7ba7f13210a\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 1310486 d97b0bb5e736350a506f0a64dd57e75d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 465466 3f9d7de13c7aeeb827aef0c7bfb994cc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 641312 480c12a4a3d0ca2195bb9ae374d3e582\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 155152 8798f061114f9a6fb019d20fcdcae533\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 33094 b2469fd24237631256b1d5e5efe8f733\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_arm.deb\n Size/MD5 checksum: 124204 0073a82d7a0ada3716163d082a99a18a\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 85920 1f8dccfa7b64c34f08cfab3d6c88a2d5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 95446 fc147588e733eb66d6a2614b3da77560\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 64968 95f5c54d6b0d7205ee7580abd066f37d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 222032 d91de9dd780ff410d01627b8062fd23f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 483864 df6ef6393a0aa1694e0767a425da1c57\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 140482 0ee2d3187a06af8e7e1f43ea90886c01\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 85876 6deee36ae927df2b9c43075946d0c363\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 227452 7a03c8c5ae46d8776538555b67ebddd8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 135884 52eb8e5cbccf5952cacffab1ab8bb6ee\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 221742 f994714fee52570758cca71a04099870\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 748352 aff6500c8e7b6347cb2cfce12e761318\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 750644 8c662c18ac1d5234e99b7ac304570fa6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 452124 ea5f910e36dd17810d01e0ede44187f1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 2205646 62e1fd98168e576ae78986e7cf88fadf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 62548 0866b72eb70749a328304996b5da6245\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 97222 f4e1290335928e9b76b2715135a23516\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 1220820 c86f6657d183e99e8a69a11c741543c7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 472032 7558051b7f3432ae2b5088c79afbc906\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 643484 3d7111575de51a703afefc6de1b64d59\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 166918 bf6a7f7b5018c5e9d3fbf8c0804bc4a0\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 33098 693fd2750e0678a95ab13df3d443c320\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_i386.deb\n Size/MD5 checksum: 134532 09327e3fa166ffd9e4606338b936ee86\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 102406 51fdcb159c85449f909f7d74c20f0aa1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 117808 017a9c64eaff071bbe3e91d0c8bdc91f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 64968 2bfd3bf06bf9a4ef822a7289fbd7cc43\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 322930 3997e095f2530c1bbcd229ecb9836f24\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 540612 5258387412c170df5f9fa19fcd8dfaaf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 160086 d15976032f48a9e120c6b56776f8342f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 103936 21d42fecd9a1fceac1cbef91cbb68c96\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 280826 d8242161f03e63ba52162775e62ad101\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 176204 21237877e70bc93a8371ab0aa5faf220\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 277288 8ca48ad52ffae22c953b88d44abfdd1f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 888426 edce61c7a9a65ef65c9dd08d2ea83fd7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 799002 9abe5f38e0781adbf404ec1105c0e9df\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 629398 801d1509b6dccd250d5dc3757ecadee8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 2537880 4e7c3dba6e19729547b22a8c7dcfa0b7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 67780 686786077def8ae34c3132188521993e\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 108160 2a09dbbe80ea1624d9a1a2b1b261ab7a\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 1417144 cc3cfe3e709d5862283e580a0820f283\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 501596 2a80a9c5248498a866672d85eca0a0f5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 730722 1b0750ba641b4ccbb1926e1446bbc9eb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 205764 56d117733da1be89fd8525d491c95a16\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 33084 d31c892ef95d30f0f8359df61b0481f4\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_ia64.deb\n Size/MD5 checksum: 170504 4a0acca19f8752621874046503a3f9df\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 93242 1679b3c9cf120b5b56d883cead2f544f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 101232 7e5c1f2c3885fea8f87f9fec1028b888\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 64986 55bd18e636b2485314120388d3ed4a73\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 270922 e7f5050518729caa3ae6925227f023ab\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 505386 84e47f0d34928923f2c2e0ae1ccf5487\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 146200 ebb3cd2ddf9afcfa113d1b0d60dd256e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 93228 6a20a730277fa505d4e27495fd4b3424\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 250216 f42a8d0d6d594a601a362ea0f738b185\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 146362 b3529d2098e96ed4f19d31d17865c2e2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 246034 32b469be4a18a7cfe1c9a65aead8a533\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 796926 8c3f9a89fc543ec69a12a659c7dcfbe3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 757492 478d712e3bade83d527140c8fa2821e8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 535250 f726eb1a2a2705c84c48bbf1abd268ab\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 2371576 8ac6f9581c28c9252eac55ed6c09385a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 61422 8d6b0374dea1c1efb042fc5e5edcf0c7\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 99192 2aad4f1b8942ade1bb889a2ee10746b0\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 1563008 a8203d54a3f59af2739fb75d6cd90049\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 485056 918c0d745609e787bc58de530c6abaff\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 700886 4c84103b7cea6763a57fa608e094c69e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 183850 a03abfea16b0a0946221d473ddd796ae\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 33092 7ba9eb3e7b707decced38a098b067e26\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_hppa.deb\n Size/MD5 checksum: 148004 90d49f8cef0520eb1c022918dd429a99\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 85370 03208de88212ee8e3c433c6c69673877\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 91096 b75db8b3d6a30dd952ae78758510b296\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 65010 82d5536cd79f3bac8a4b483e5571eb23\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 229546 7b682eb8db73e63407bff2b29f6ffb4c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 476952 fe27e5395f5ea231f77dd1abbb74c7e5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 138540 acfa677ff78e256cd8e085cf75d16d97\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 85196 988a2fdd5de86648a524b8dec7173ea9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 229420 9c328ece393d69c84db7304c8260fdb5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 128626 7e1f68605fc327a146fc851894004ead\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 223556 941a4f007761da9124029e68431fff9f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 705084 2439ec0bc20dd2c60022ead6b118ab5e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 743170 832c8961b239bcf874a90c5ac3fd14f1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 447448 c38dcc1879650cd3bcdae5484631c281\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 2148768 0148565136745e0309b056cfdc77874e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 61280 cd7c09ba73c52e33d77a277833c28c24\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 96636 a1d244a87142ca153826f09623196b4b\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 1315968 b3dbc843325ecc8b4f23dfbdbd04da35\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 475814 5adbdb5ea44cc6e774d06269f0123014\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 682572 22deaf8ff281062b43f45a50e8e52c53\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 166284 c772a82c000c4faed889bc1572907198\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 33100 117362ae11ee0926fe62d4251e45b9c8\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_m68k.deb\n Size/MD5 checksum: 133970 cc9320ce6077055fbef7f357baccb36b\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 79726 8ef8a7f51e426bab0c79c893b17b44e8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 102528 96063761ffb299e8663aabdc1dc830dc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 64974 8632642c61fd3e514d79c53c440b0157\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 217900 9f068d5736f65a59d58843ef3719914a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 461010 44d402c815ef59102a9d1f6a1922e5c7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 140512 5dede51b9875eb9627fe84508f3ff4cc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 81838 109efab6c00ef662a00ea4f41e7a0069\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 215748 ad22b37ce1d1ffef16c7cefde0ffd7d5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 146198 b9c2cba23d25f1bf3bdbbdbeaffeadbd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 204014 83a4764d81ef5ee7fd7fe890e23c9939\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 787984 c020ab67521dcaca8e49c0bae8216b28\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 756170 a1d1e3e06e5eed39f29d03ce572d5771\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 455814 8b5479eb17b3ea84f56d35f3d1992b43\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 2057362 71d2689d1981f83a6f8ff468d69cc0ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 59274 1cf3d865852bbb4965229a95c78a52b1\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 97718 1e697e2bf6d19eb71efe3350e63a8ddc\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 1127026 0bc2eab83b2cc242ecaebba694289235\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 463634 9bee129653701a27a392f118c2e2fc28\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 649718 dfa1146d95d54eab9f51301b5f4a28eb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 156802 9126d5152c28c24889e5269a9adde39f\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 33094 9875a23d1590f9016f8a8bb450bf3a6d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_mips.deb\n Size/MD5 checksum: 124558 eb55d58484f5ecdc59b2c6eb3c47a805\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 79070 ea21445ae1aef174831e9534db959308\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 101596 ed6adfa04d7c4c2c4d002cb5a278583f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 64972 434438d23e8b0ccc9c38dcc699164e53\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 215850 82f87ff8b5520823f839092cef2356b0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 459624 e577a100b76fe42784b6dcc35f5046b6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 139548 4e829465b219a4d56b86b687b33d5df0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 81370 937ce8392adf141a1f79af0dfc80e499\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 213272 bf8c38a0afb9c9f966cd00bc42a4d4c0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 144554 ca97a5ce320d502c908580bf0bcc4033\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 201638 45e29afdb0ab123d149a739520f1c32c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 785228 9902604485b4e9633f3e36f01fc8f920\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 754276 b1be56ab0f23c02f6aa29b1276a3d917\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 446852 99ac862679028515f5f715c047719e2f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 2046016 8c9919a529a79538629221bf98e37b61\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 59068 5c2aad04a5f5265034faca5d8fd82c64\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 97168 498f72e93b50faefb22a9ca9335193a1\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 1101768 8cb8b46c5207d06911d77d3178f9a4f8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 461868 4792dcccbb8fcda14f2eb601692e2c01\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 647264 9a340b39b3b2ce04d2ed0cfe240bca8b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 154678 79ac08fbe101be7efe6e3471d5fb787d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 33100 3c5ab7cfcd4fce969cd6066c9a9b31d9\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_mipsel.deb\n Size/MD5 checksum: 122404 3d2878bbacb4862c25b73d6c71a6f649\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 84678 c40175b83c13941983dd07e2ec17bdda\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 94604 720a71fb1d61f0f16a919926a996ebb8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 64990 6b4a44cd20244525cf7ed61ef63da641\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 249552 78b554c699af127b69b39b49ac4c180b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 474624 b38b81bf2974e7d72095eb84b00de64d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 140692 cfb9009df7900bfbfdbc39f7523fc587\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 85162 130665aee67bc16e9be3ca54a3762862\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 224802 60d742b0d2303bc63b1849dae1397581\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 132544 6f6bd6ab29fcbf3311f1015a35aec78f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 222198 993f41bfbccf6481ca327f2e8dc3c20d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 725370 0f9836476933dbe813ea538c5d052cd8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 744166 608091d9c9b27dde512ac47b6947d626\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 467524 46073d588f362de378386698c39c95c7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 2142348 9e3bfa19052e85058e4fa31a6298f0a0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 61046 b4d834e88473d8776d305e0448ebe476\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 95544 977ad02f98bcf9731dc2fca1ad1eebc5\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 1191074 8fb34b60f7d2fb4484da19634fb83ca2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 470198 4b8539d72cc39d7e1939f526c765c8b7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 676288 94b7d619e9eb8ecd0cfb0bb3be8ae4ba\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 161756 d59119ba3140c9e41aaafc0c16af7c63\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 33098 980dc1cabb51360efe73cb00e37b3ae1\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_powerpc.deb\n Size/MD5 checksum: 132262 66496d5de6353b80c647b32f4c18ef8b\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 89880 99dff2d06524836ab720abd471999d66\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 98316 893cdc7754cae8a00ee116fcdbf9fb73\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 64972 bd908c097ca775f368b3b87db83ada06\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 236504 603bbb604f6cf907a31b29e8c0438351\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 484950 957eae05f1920388664d5db6b42ae80f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 145404 061c37b7acbe75a09bc6a983e24eca22\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 87136 4c9745eccb44c21a609b5ffaf768a26a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 244122 9b7d68631bccc0af9b79214ec7d3e8d5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 140834 3230bfe76d926783b336e0b424685896\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 239688 42a8e7956bfd756ffba9e7bcd5314e8c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 765928 3a38ceb3563211404e5534bc691b887c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 755596 40d810e17c05d8ff21d76550c0e5cc3a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 496480 0a48f1beb7a4e03425783a909bc88ef0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 2195656 c26f4c732fe8393766eccff6a845e938\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 63070 ea7b94304194ffa4d0bbd708f84737db\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 100742 b5f3558b9d1e30038dabbf0f4b0ba36f\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 1192548 db812a33636b9a681083895da654d9ac\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 481678 93c6f759b0cc1965dbb93536dc255dac\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 682752 519c3b25389f72155e005e12a6989972\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 176666 194c2424523d195373e0d4177b2c1ded\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 33090 8882749212a6e977b9eec3e9fb595f50\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_s390.deb\n Size/MD5 checksum: 142212 c95e8e7fe4365be445daead6d366c5ac\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 82296 25f2b504c0cc096508d2565f38db6f28\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 90720 d8a9ee57d67676bdd2637a40b941b8cb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 64980 967f32d4dc6fc6f5d9ff4ef838bae770\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 219164 141a05361d233b94f81be5a802de14d9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 477510 e71886db4ca53b2c23f421857844dc35\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 137938 22442ddae2f20c3663c270541e9ba9c1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 83210 abfc0612516de6079f6552f0dae1743f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 223774 3b242e3415e216278bd5922d09cafa73\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 130520 171569986b9d5f75037fac7216f51014\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 213588 25bdfc45123cbcac842c5c01882c9551\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 714158 a4ba5b48aec9eaf736315dee410a53bc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 744042 5894e3e97fc45d024219a9ff7e115854\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 451392 de85d22d0d458866bdffba846d4accc2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 2142550 732f1d703ab5d8bba7345e50db66283c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 60184 012973b512f9bdfbf15830812fc2b863\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 95092 766c1952f778a25f2aab9bd20964a676\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 1175232 7398855b8444740ce27001c427544406\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 469204 b2e9d809bfc831938f3d080990b7efae\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 639718 6054b8e3f4c9142551a7fd114cb71bb6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 160294 c47394d5c4923c4a921fd400a8f107a0\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 33090 84d007d379333f73de214d1af530ea8d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.3.2-2sarge3_sparc.deb\n Size/MD5 checksum: 128730 ef6ffca3dd504cd20953e7b5c0775014\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 7, "modified": "2006-01-09T00:00:00", "published": "2006-01-09T00:00:00", "id": "DEBIAN:DSA-932-1:4933B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00003.html", "title": "[SECURITY] [DSA 932-1] New kpdf packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:30:52", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 931-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 9th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xpdf\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CAN-2005-3191 CAN-2005-3192 CAN-2005-3193 CVE-2005-3624\n CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\nDebian Bug : 342281\n\n"infamous41md" and Chris Evans discovered several heap based buffer\noverflows in xpdf, the Portable Document Format (PDF) suite, that can\nlead to a denial of service by crashing the application or possibly to\nthe execution of arbitrary code.\n\nFor the old stable distribution (woody) these problems have been fixed in\nversion 1.00-3.8.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 3.00-13.4.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 3.01-4.\n\nWe recommend that you upgrade your xpdf package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00-3.8.dsc\n Size/MD5 checksum: 706 f8091cb4e0b0c7baa8ccc4ee75a50699\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00-3.8.diff.gz\n Size/MD5 checksum: 11832 ab0665a0fa767785037ceff313cbc1b3\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00.orig.tar.gz\n Size/MD5 checksum: 397750 81f3c381cef729e4b6f4ce21cf5bbf3c\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_1.00-3.8_all.deb\n Size/MD5 checksum: 38826 43072ed4680dab2c7d68eec7b3f7c45a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00-3.8_all.deb\n Size/MD5 checksum: 1286 7bd55048fc7aab6c9c35f65d472932da\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_alpha.deb\n Size/MD5 checksum: 571434 7be66f32548c87a66c2353d976a99c36\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_alpha.deb\n Size/MD5 checksum: 1046964 c83387b2ce2c92faa2cbbc86f2d9a9a8\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_arm.deb\n Size/MD5 checksum: 487502 655007df84b968ec59de01638b77f0b8\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_arm.deb\n Size/MD5 checksum: 887368 a2d7e4052bf2a5c4a495c4e45dedf89b\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_i386.deb\n Size/MD5 checksum: 449748 0ae0c17cc4624b254b2aeac09c995d6f\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_i386.deb\n Size/MD5 checksum: 828498 530637087a864c6def87e31283bdeceb\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_ia64.deb\n Size/MD5 checksum: 683068 19ecb0905f8636e67bf7238c10f59ad5\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_ia64.deb\n Size/MD5 checksum: 1230046 ed52eb1ba803c65bed5b9b82ec551eef\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_hppa.deb\n Size/MD5 checksum: 564570 e375463f1a090ee04616a2a28d074792\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_hppa.deb\n Size/MD5 checksum: 1034076 c7baa8decb624ae001b8325c426c3e83\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_m68k.deb\n Size/MD5 checksum: 427756 e516e992cf634de082e9261fec596417\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_m68k.deb\n Size/MD5 checksum: 795168 5315ec1734af63b31df537992fd575d7\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_mips.deb\n Size/MD5 checksum: 555626 38b3797dc8685b374bfa4d5b8310e002\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_mips.deb\n Size/MD5 checksum: 1017302 f1420c53961b3574c404e3dcee80e633\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_mipsel.deb\n Size/MD5 checksum: 546712 be27f108ed722e04bee9473fb463a749\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_mipsel.deb\n Size/MD5 checksum: 999554 d8983b16cb67d5b5da734e8a166079b1\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_powerpc.deb\n Size/MD5 checksum: 470466 c90999ac3ffef0f1ca9907ec0c52e8ca\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_powerpc.deb\n Size/MD5 checksum: 860678 1b79e9b04f6b86cee3365c27c99b8c8a\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_s390.deb\n Size/MD5 checksum: 430408 09493b1bae3177137a922adbaee7af25\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_s390.deb\n Size/MD5 checksum: 786644 98062cef2cfd5f78eba94f92f7ffc7ec\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.8_sparc.deb\n Size/MD5 checksum: 444146 9bb3e73108672a45c87eb172b30b645e\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.8_sparc.deb\n Size/MD5 checksum: 810204 53735cf450d1ff09449dd4e744e31f4a\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.4.dsc\n Size/MD5 checksum: 781 df2be00a261c47ed25cbf00bdcefcc32\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.4.diff.gz\n Size/MD5 checksum: 50734 3018a9155bbcf704f47132bbefddd5b5\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00.orig.tar.gz\n Size/MD5 checksum: 534697 95294cef3031dd68e65f331e8750b2c2\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.00-13.4_all.deb\n Size/MD5 checksum: 56504 333976022e4bd6b1a241844231f2db30\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.4_all.deb\n Size/MD5 checksum: 1284 1b077a992654b8df5727d844deb84e0c\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_alpha.deb\n Size/MD5 checksum: 802112 93e96a4213f4966d8c0bb2c1e34b572d\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_alpha.deb\n Size/MD5 checksum: 1528190 5db2e3cd7ab5f2865d5303163c3d08a7\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_amd64.deb\n Size/MD5 checksum: 667754 df5e85b58bcb2f7b86837e7a79b745f9\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_amd64.deb\n Size/MD5 checksum: 1273734 5554c8f473a892cc8478f50bc1dd96dd\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_arm.deb\n Size/MD5 checksum: 674458 b419a39cb5b1bbaefe52c51f163913d5\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_arm.deb\n Size/MD5 checksum: 1279040 fe5af7d7209bb14e865404ea695a6df3\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_i386.deb\n Size/MD5 checksum: 656804 e319b835c10f76ad7946b74da24ba1bf\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_i386.deb\n Size/MD5 checksum: 1242164 731e556748f3f84465bd6537462fde03\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_ia64.deb\n Size/MD5 checksum: 950974 fe4f3be5aa05772806309faaa3847db3\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_ia64.deb\n Size/MD5 checksum: 1801950 27c19b5813e7d2aa34aca9847c277b40\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_hppa.deb\n Size/MD5 checksum: 832646 a2504b353573d384d443e923782775f1\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_hppa.deb\n Size/MD5 checksum: 1580478 72266677b36f9ec9ab2c2bcac1dfe7ac\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_m68k.deb\n Size/MD5 checksum: 585736 e1331547251b0d5eba96c68e6665abf2\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_m68k.deb\n Size/MD5 checksum: 1116746 46d969a98302c1b49b5e9a355047adfc\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_mips.deb\n Size/MD5 checksum: 807800 d1acd349bc0a932ea3467db9796919f5\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_mips.deb\n Size/MD5 checksum: 1524848 685d65d2a07676b55fa3abd8505018a9\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_mipsel.deb\n Size/MD5 checksum: 798090 18503fbab79be783005bed35d4cdb02d\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_mipsel.deb\n Size/MD5 checksum: 1503796 aaa4b1de4370d52cc2b3e595542f82c3\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_powerpc.deb\n Size/MD5 checksum: 694126 08e64354f30b1bd573092925b894c77f\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_powerpc.deb\n Size/MD5 checksum: 1313048 5f39d0ffe44186db884a7c1115704666\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_s390.deb\n Size/MD5 checksum: 630774 8b48412164ae96066c61399a5c7b3cd7\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_s390.deb\n Size/MD5 checksum: 1198670 6b837427a05f0b19630197183c9c50f1\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.4_sparc.deb\n Size/MD5 checksum: 626394 0bbb59b11b9d11f9129fbd475e3ab186\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.4_sparc.deb\n Size/MD5 checksum: 1181726 a523c04a7ae1c3b8fc24c29f46d3c589\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2006-01-09T00:00:00", "published": "2006-01-09T00:00:00", "id": "DEBIAN:DSA-931-1:51450", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00002.html", "title": "[SECURITY] [DSA 931-1] New xpdf packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:19:06", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 950-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 23rd, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : cupsys\nVulnerability : buffer overflows\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624\n CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628\n\n"infamous41md" and Chris Evans discovered several heap based buffer\noverflows in xpdf which are also present in CUPS, the Common UNIX\nPrinting System, and which can lead to a denial of service by crashing\nthe application or possibly to the execution of arbitrary code.\n\nFor the old stable distribution (woody) these problems have been fixed in\nversion 1.1.14-5woody14.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.1.23-10sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your CUPS packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14.dsc\n Size/MD5 checksum: 712 87055bd9647d440b8ce56afc1c53c062\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14.diff.gz\n Size/MD5 checksum: 41961 2d996ab8926c30dda9b4b1da5db2dcf5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14.orig.tar.gz\n Size/MD5 checksum: 6150756 0dfa41f29fa73e7744903b2471d2ca2f\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_alpha.deb\n Size/MD5 checksum: 1901460 d9c2716ed4e3eb17551e93bd09ef3cb1\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_alpha.deb\n Size/MD5 checksum: 74640 ecc0016c60f37d7b99c4d8848588a4d1\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_alpha.deb\n Size/MD5 checksum: 93286 9f018be9b70c2dc86ee7d022b92ff102\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_alpha.deb\n Size/MD5 checksum: 2446114 c097158954ffc328f578dea763337440\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_alpha.deb\n Size/MD5 checksum: 138306 3d938cc09f9b17c65c79a4b7c4c7474a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_alpha.deb\n Size/MD5 checksum: 181258 db9cc1c0273d516386ccf2be873166a0\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_arm.deb\n Size/MD5 checksum: 1822154 a6c2a7bc9ed9a2daf492474dfbfee387\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_arm.deb\n Size/MD5 checksum: 68790 a6504ee333ddb3bea747835678a025f3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_arm.deb\n Size/MD5 checksum: 85976 20b1bc34eee904186892e47522024266\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_arm.deb\n Size/MD5 checksum: 2346140 ed23313e05032089bb5cee70cd914711\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_arm.deb\n Size/MD5 checksum: 113304 9ffcce59eb3f9b306dbd661fe9b28760\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_arm.deb\n Size/MD5 checksum: 150704 be20a14dfa2fb2251d9a046159a4ac9e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_i386.deb\n Size/MD5 checksum: 1788452 f920699db4f6756a27ef73c00d41cb1c\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_i386.deb\n Size/MD5 checksum: 68280 728e5ab852df891dbb094c877d5d26f2\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_i386.deb\n Size/MD5 checksum: 84416 352934f7cabf8e8835cbe685e136ab69\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_i386.deb\n Size/MD5 checksum: 2312294 656e02e4f86107449f528789393bf3d4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_i386.deb\n Size/MD5 checksum: 111268 cdd8f173a676c42e1e6f800757777e44\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_i386.deb\n Size/MD5 checksum: 136824 3762ca0a2e9f04e82c69de42bee5c6d1\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_ia64.deb\n Size/MD5 checksum: 2009046 515a82e65816d7306a0eed23eb81eca7\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_ia64.deb\n Size/MD5 checksum: 77740 1934f438e856d54966bd86d1e575185c\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_ia64.deb\n Size/MD5 checksum: 97452 b74539e18af4838477d91c604d8a92ed\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_ia64.deb\n Size/MD5 checksum: 2657094 64e4f7fef054d690c03ca3753742a762\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_ia64.deb\n Size/MD5 checksum: 156328 82d9922dc92754c43bf39e8f4cc77928\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_ia64.deb\n Size/MD5 checksum: 183270 6a90afecd9464585d98e294ff73929c7\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_hppa.deb\n Size/MD5 checksum: 1882286 4ec8f0298dc7249fa9ca70017b324de2\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_hppa.deb\n Size/MD5 checksum: 71102 4fe9e3556038e7ad2a5f98b93293a37a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_hppa.deb\n Size/MD5 checksum: 90130 eeb463655e9c4d920e9bd9bf6f59fc2e\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_hppa.deb\n Size/MD5 checksum: 2456368 06cd1008318bbb3508f78208360c25dd\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_hppa.deb\n Size/MD5 checksum: 126830 9438fad24f29a082acf3af12f1b78ba2\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_hppa.deb\n Size/MD5 checksum: 159848 992335895e6d5f9507cd5f261bab3083\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_m68k.deb\n Size/MD5 checksum: 1756060 ab11910eddafa259de3bd745b44bf3da\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_m68k.deb\n Size/MD5 checksum: 66570 e2c198da29470435c7728c04ec1dddcd\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_m68k.deb\n Size/MD5 checksum: 81710 aba951dcf7e9b48289d66d28b52a8fe1\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_m68k.deb\n Size/MD5 checksum: 2261686 aba414903aed1f525daddefc42d9cb0f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_m68k.deb\n Size/MD5 checksum: 106548 52dd393183f425b3cfd7dfb424a83df8\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_m68k.deb\n Size/MD5 checksum: 129094 4348111e8d1be636745d7871e8891948\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_mips.deb\n Size/MD5 checksum: 1812104 dd3a152cc6f60aee92caf1b1d48be116\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_mips.deb\n Size/MD5 checksum: 68192 471231e45b6758318b09593584561492\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_mips.deb\n Size/MD5 checksum: 81620 20a54b310accf0c618ae17b1939928d6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_mips.deb\n Size/MD5 checksum: 2404894 e5448e7a68d1b9b2faffe6250e293504\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_mips.deb\n Size/MD5 checksum: 113064 bef1f42d86e8f491fc3c01eab9d1978d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_mips.deb\n Size/MD5 checksum: 151504 bea406cc6863a488054206378e8fb04c\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_mipsel.deb\n Size/MD5 checksum: 1812764 83e4dac89074dcb5adeeadc94e1b77fc\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_mipsel.deb\n Size/MD5 checksum: 68190 8a5f9228fd00e1f2010b4ecc3192043f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_mipsel.deb\n Size/MD5 checksum: 81664 c7329620731adcafa54c76956c7570fa\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_mipsel.deb\n Size/MD5 checksum: 2407286 597914ee83c1d95f071f3f9cc2a712c4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_mipsel.deb\n Size/MD5 checksum: 112850 b0ba6a07c9ae3dd1265428e591c46e97\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_mipsel.deb\n Size/MD5 checksum: 151320 08f9b0bd3e63b83e4486a736f4183c80\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_powerpc.deb\n Size/MD5 checksum: 1801230 7ae9ff1ad1a2b39bcac9caf0a1ea84bf\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_powerpc.deb\n Size/MD5 checksum: 68216 c4a5278ee7b0decab415799498ec4c0e\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_powerpc.deb\n Size/MD5 checksum: 83804 1f0e2917e7bbfa3c41b42a8706aa4dbc\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_powerpc.deb\n Size/MD5 checksum: 2360122 0205d9a7e7294b1c5df64b7b5aeef414\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_powerpc.deb\n Size/MD5 checksum: 117102 75a66b72bc9f3de5db50bab7c0fd877d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_powerpc.deb\n Size/MD5 checksum: 145562 d77e1f716df37e1e1f4fa0408adaa2d7\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_s390.deb\n Size/MD5 checksum: 1796146 6fa046122e3b7f1c3d8d4b5d74ab4f44\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_s390.deb\n Size/MD5 checksum: 69592 f2f9bf8682b4cb7fc45daddff2643bf2\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_s390.deb\n Size/MD5 checksum: 86316 b48887446a27a55d25ac400c1aac22ce\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_s390.deb\n Size/MD5 checksum: 2337954 7a17b6c38961912f5c8ac1d3a93df115\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_s390.deb\n Size/MD5 checksum: 115630 c441bc67529c0ca9d65b2ecf7ae77a22\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_s390.deb\n Size/MD5 checksum: 141154 6c1045dab37cd0c2de8ea9521fb15ce5\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody14_sparc.deb\n Size/MD5 checksum: 1845976 02c8158a514550f09e71440b57bbe091\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody14_sparc.deb\n Size/MD5 checksum: 71162 e80f373008dae5e4c53f573cb8211742\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody14_sparc.deb\n Size/MD5 checksum: 84582 9a972b8f43a72a85b83deaca3fd33dd9\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody14_sparc.deb\n Size/MD5 checksum: 2354982 984c7d23e08833f26d1cd63e54292a41\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody14_sparc.deb\n Size/MD5 checksum: 120776 704f789385683f359cc6ed1328892516\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody14_sparc.deb\n Size/MD5 checksum: 147072 e9aabfc1246767e35667aeed061f0184\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1.dsc\n Size/MD5 checksum: 843 149c91767477b75a0cf7db28c6129b30\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1.diff.gz\n Size/MD5 checksum: 1273227 8e6fbc6b8ca8d4588d90312a3a7c2199\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23.orig.tar.gz\n Size/MD5 checksum: 10071818 d6995f493129e9637581f3a717c8345e\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.23-10sarge1_all.deb\n Size/MD5 checksum: 972 0f85b73fa4d13914cf8f50dc2dc1910f\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_alpha.deb\n Size/MD5 checksum: 8998558 547b44162becac3729e55a1efa9bf526\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_alpha.deb\n Size/MD5 checksum: 51964 4961aed776b96ad6201d56a9d2405a2f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_alpha.deb\n Size/MD5 checksum: 116824 732753a8cfbd0eeb5f52b8686948f6b6\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_alpha.deb\n Size/MD5 checksum: 61186 e6dab465c327d8b5769a406130e47216\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_alpha.deb\n Size/MD5 checksum: 61054 d6261652e2a0cbb4d396411f224a0322\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_alpha.deb\n Size/MD5 checksum: 112100 28f6458e3a69ee997b3dee07b7c2b616\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_alpha.deb\n Size/MD5 checksum: 83694 433ccca31f21ee3d1b726acc36fe3350\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_amd64.deb\n Size/MD5 checksum: 8965490 0ed3172129be9fac870f3c27c16d9b6b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_amd64.deb\n Size/MD5 checksum: 48912 481fb3ff53dcea0ab7675e2935d0c4b5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_amd64.deb\n Size/MD5 checksum: 111480 0d29c73380d005759e830a560765115b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_amd64.deb\n Size/MD5 checksum: 54140 7aa240c5363d73169f72ced83b9418f9\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_amd64.deb\n Size/MD5 checksum: 45302 4bf1056c7dbfb8f8ca5418b2bd0da446\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_amd64.deb\n Size/MD5 checksum: 88114 31b7feb9363003f66f67f957e4933e9a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_amd64.deb\n Size/MD5 checksum: 76420 b550d92e77c52790bf5a58031f605c8d\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_arm.deb\n Size/MD5 checksum: 8957012 915fdb81401cd63d854e5cf40605a797\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_arm.deb\n Size/MD5 checksum: 47944 7464b760910c7eec6450fb3608a54845\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_arm.deb\n Size/MD5 checksum: 108064 f6f2d9a1dbefa5bb4adfeec4592df8af\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_arm.deb\n Size/MD5 checksum: 52704 67a5ae9c5dcdf9a5a86f7d64292bf967\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_arm.deb\n Size/MD5 checksum: 47096 9fa5503ff99ecfb041243039362b3a2a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_arm.deb\n Size/MD5 checksum: 88946 ecdf555d38255fd39a08ee1387013f1b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_arm.deb\n Size/MD5 checksum: 70916 10e8a947858a4707236de9e2006e3907\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_i386.deb\n Size/MD5 checksum: 8956128 da71b0801cba48f1cb692d93297abc2b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_i386.deb\n Size/MD5 checksum: 48344 41ebb63f63a0f2dae4312cb0618114fa\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_i386.deb\n Size/MD5 checksum: 109956 fbc4c77291e86a1ef4cbba36cfa54b7d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_i386.deb\n Size/MD5 checksum: 54588 140f3a9b6f693b7d5cfc5666b1ca9811\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_i386.deb\n Size/MD5 checksum: 45896 45916eeaf110d91dfffd39ce25f0b36a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_i386.deb\n Size/MD5 checksum: 86752 04ef904ec3d610eca55a8c4c27126dc5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_i386.deb\n Size/MD5 checksum: 75220 f5dcffc2f6f71ccc85c939001d84a3b7\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_ia64.deb\n Size/MD5 checksum: 9097650 7833e9cdda700ca59e4ca74c68c8c94f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_ia64.deb\n Size/MD5 checksum: 57190 05e645e5af8ea79fffe60985668f4d1a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_ia64.deb\n Size/MD5 checksum: 131422 72e92715d0f7c044313dce896e32327d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_ia64.deb\n Size/MD5 checksum: 68416 744165acbbe1ab96f53d8e4d91346367\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_ia64.deb\n Size/MD5 checksum: 59894 1d3e91c509a4e0f790b7abbbf379d623\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_ia64.deb\n Size/MD5 checksum: 112768 96f6ecd302463e5a401f52c3e060b498\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_ia64.deb\n Size/MD5 checksum: 97514 612eb7ff11d4f89e9c03224917586fa3\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_hppa.deb\n Size/MD5 checksum: 9010754 0c11b272d05a6f65c3665ac8b15b8947\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_hppa.deb\n Size/MD5 checksum: 52902 84620c8436668790219d44c1cf7373b4\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_hppa.deb\n Size/MD5 checksum: 117598 4c4500d88ed256ef352e59849cf8a286\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_hppa.deb\n Size/MD5 checksum: 59694 7917b68267148a9f0c82e55e4a759783\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_hppa.deb\n Size/MD5 checksum: 51240 2c078aa79136b3ace1c2d28b94da9256\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_hppa.deb\n Size/MD5 checksum: 95354 203442791f4f1d2ecd1e70e3279dbfd5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_hppa.deb\n Size/MD5 checksum: 82904 bd10a9918c341f9614f68a3ee81683db\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_m68k.deb\n Size/MD5 checksum: 8925186 a926ab8492abf60434ffdadfb307b9e8\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_m68k.deb\n Size/MD5 checksum: 46966 6562751ea50409726f36af2016408821\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_m68k.deb\n Size/MD5 checksum: 104484 0318d6db604c936380a4fdfb3482eac8\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_m68k.deb\n Size/MD5 checksum: 49714 272c0080ae763db015e2199c39c72220\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_m68k.deb\n Size/MD5 checksum: 37408 3179193900762362145cd7b45e91cbf2\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_m68k.deb\n Size/MD5 checksum: 75744 f898ee020d7f540eafdabf95decc768f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_m68k.deb\n Size/MD5 checksum: 70676 8882d7075c9cb16ee51ba2051c6e801c\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_mips.deb\n Size/MD5 checksum: 8994246 e0b394ae2fe5dd1bd72750cfad52de53\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_mips.deb\n Size/MD5 checksum: 54694 a3a93dad227e79d81be0f9db867afc6d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_mips.deb\n Size/MD5 checksum: 121500 e41d68c6950a41cf7ce208a6ac0bc3de\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_mips.deb\n Size/MD5 checksum: 53986 b511a7cb6c46058ea49a621dcc3c4988\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_mips.deb\n Size/MD5 checksum: 48646 e54608c8ff507c59f73d6bf47f4f5b7e\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_mips.deb\n Size/MD5 checksum: 88824 3f494a70d277f0f7340860d9e9898fe6\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_mips.deb\n Size/MD5 checksum: 72820 67af0adb3c1e2ce71c4f3810c80c6338\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_mipsel.deb\n Size/MD5 checksum: 8995140 195358c1b1afbde4fc6c8335efaa4181\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_mipsel.deb\n Size/MD5 checksum: 54840 959fc8269f565b6a60b90ac6216da171\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_mipsel.deb\n Size/MD5 checksum: 121638 8102c77355666f900144bbbf06a6e737\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_mipsel.deb\n Size/MD5 checksum: 54148 31231eb300e28dd7b27acd92b6118e81\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_mipsel.deb\n Size/MD5 checksum: 48762 45222e32a7a0ae9de9882a73d6008342\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_mipsel.deb\n Size/MD5 checksum: 88954 41584ce383f4282195d63c627eaa724a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_mipsel.deb\n Size/MD5 checksum: 72696 5d14ee7a81b0a0e083210b82ddca20c7\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_powerpc.deb\n Size/MD5 checksum: 8969934 4e344b217f6ef0a9c8e60358023b31ee\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_powerpc.deb\n Size/MD5 checksum: 53294 d37e799234391a7d8a7aea39feb77e17\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_powerpc.deb\n Size/MD5 checksum: 119228 77809235fdf58d3f061514fc0cd8a6d1\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_powerpc.deb\n Size/MD5 checksum: 56414 27ca9a1284d4d61c61d1f3cd8ec8ac2b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_powerpc.deb\n Size/MD5 checksum: 44490 28e399b1d223a87154c0121b7d03d611\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_powerpc.deb\n Size/MD5 checksum: 87470 2568624e044d49e0941b8ad30871eb3b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_powerpc.deb\n Size/MD5 checksum: 76432 56bf5eca39b58eaf2ed3979b30a327f0\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_s390.deb\n Size/MD5 checksum: 8970048 9cc28b376bc998fcb677d07560578af5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_s390.deb\n Size/MD5 checksum: 49436 551d0048566181bac7df0649d07d5612\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_s390.deb\n Size/MD5 checksum: 110080 2e8273c064ed8274fcbefb76ba7e658d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_s390.deb\n Size/MD5 checksum: 55788 92ca368281195401f5df2b49e739804d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_s390.deb\n Size/MD5 checksum: 44886 5391354597b49101acd2c6a30dd3ab4b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_s390.deb\n Size/MD5 checksum: 90062 222e90ed6137450d20d2cdd6b22987a4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_s390.deb\n Size/MD5 checksum: 78542 c6da804896bc9fb88c39b0bb1c53ce26\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.23-10sarge1_sparc.deb\n Size/MD5 checksum: 8972432 c4ecce3bcfadaeda1503afe260d84b7f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.23-10sarge1_sparc.deb\n Size/MD5 checksum: 47664 6d5c126bdc8ba8581b8e197468577934\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.23-10sarge1_sparc.deb\n Size/MD5 checksum: 108100 c0b006f4a79340275585150450e91f0b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.1.23-10sarge1_sparc.deb\n Size/MD5 checksum: 54544 4e81501aee3e095dc6c0dcb44c1d15ce\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.1.23-10sarge1_sparc.deb\n Size/MD5 checksum: 46028 5ceccb76a01d1a1b0fba31d4d80539aa\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.23-10sarge1_sparc.deb\n Size/MD5 checksum: 86606 7444f4cf093195c09db2e53fe8f45636\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.1.23-10sarge1_sparc.deb\n Size/MD5 checksum: 74404 d30b3e52cb5948f869332d91eb89c850\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 9, "modified": "2006-01-23T00:00:00", "published": "2006-01-23T00:00:00", "id": "DEBIAN:DSA-950-1:9CD01", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00023.html", "title": "[SECURITY] [DSA 950-1] New CUPS packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2020-10-25T16:36:18", "bulletinFamily": "unix", "cvelist": ["CVE-2006-0746"], "description": "A new kdegraphics package is available for Slackware 10.1 to fix a\nsecurity issue. A portion of the recent security patch was missing\nin the version that was applied to kdegraphics-3.3.2 in Slackware\n10.1. Other versions of Slackware are not affected by this\nspecific missing patch issue.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0746\n\n\nHere are the details from the Slackware 10.1 ChangeLog:\n\npatches/packages/kdegraphics-3.3.2-i486-5.tgz: Recompiled to fix a\n missing kpdf security patch.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0746\n (* Security fix *)\n\nWhere to find the new package:\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/kdegraphics-3.3.2-i486-5.tgz\n\n\nMD5 signature:\n\nSlackware 10.1 package:\n74376c7f068a39a44ec83d7af6afc41f kdegraphics-3.3.2-i486-5.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg kdegraphics-3.3.2-i486-5.tgz", "modified": "2006-03-14T04:58:51", "published": "2006-03-14T04:58:51", "id": "SSA-2006-072-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.326729", "type": "slackware", "title": "[slackware-security] Slackware 10.1 kdegraphics", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:20", "bulletinFamily": "software", "cvelist": ["CVE-2006-0746"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20060310-1.txt)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-1008)\n[Vendor Specific Advisory URL](http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:054)\nSecurity Tracker: 1015751\n[Secunia Advisory ID:17920](https://secuniaresearch.flexerasoftware.com/advisories/17920/)\n[Secunia Advisory ID:19190](https://secuniaresearch.flexerasoftware.com/advisories/19190/)\nRedHat RHSA: RHSA-2006:0262\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0743.html\nISS X-Force ID: 25146\n[CVE-2006-0746](https://vulners.com/cve/CVE-2006-0746)\n", "modified": "2006-03-08T18:47:40", "published": "2006-03-08T18:47:40", "href": "https://vulners.com/osvdb/OSVDB:23833", "id": "OSVDB:23833", "title": "KDE kpdf Patch Regression Weakness", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "cvelist": ["CVE-2005-3627", "CVE-2005-3191"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://bugs.gentoo.org/show_bug.cgi?id=117481\nVendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076\nVendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281\nVendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346086\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-931)\n[Vendor Specific Advisory URL](http://www.ubuntulinux.org/usn/usn-236-1)\n[Vendor Specific Advisory URL](http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:010)\n[Vendor Specific Advisory URL](http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-936)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U.asc)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060201-01.U.asc)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt)\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20051207-2.txt)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-932)\n[Vendor Specific Advisory URL](http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html)\n[Vendor Specific Advisory URL](http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:011)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U.asc)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-961)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-962)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml)\n[Vendor Specific Advisory URL](http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt)\n[Secunia Advisory ID:18375](https://secuniaresearch.flexerasoftware.com/advisories/18375/)\n[Secunia Advisory ID:18329](https://secuniaresearch.flexerasoftware.com/advisories/18329/)\n[Secunia Advisory ID:18332](https://secuniaresearch.flexerasoftware.com/advisories/18332/)\n[Secunia Advisory ID:18414](https://secuniaresearch.flexerasoftware.com/advisories/18414/)\n[Secunia Advisory ID:18147](https://secuniaresearch.flexerasoftware.com/advisories/18147/)\n[Secunia Advisory ID:18582](https://secuniaresearch.flexerasoftware.com/advisories/18582/)\n[Secunia Advisory ID:18675](https://secuniaresearch.flexerasoftware.com/advisories/18675/)\n[Secunia Advisory ID:18908](https://secuniaresearch.flexerasoftware.com/advisories/18908/)\n[Secunia Advisory ID:19377](https://secuniaresearch.flexerasoftware.com/advisories/19377/)\n[Secunia Advisory ID:18334](https://secuniaresearch.flexerasoftware.com/advisories/18334/)\n[Secunia Advisory ID:18338](https://secuniaresearch.flexerasoftware.com/advisories/18338/)\n[Secunia Advisory ID:18398](https://secuniaresearch.flexerasoftware.com/advisories/18398/)\n[Secunia Advisory ID:18380](https://secuniaresearch.flexerasoftware.com/advisories/18380/)\n[Secunia Advisory ID:18407](https://secuniaresearch.flexerasoftware.com/advisories/18407/)\n[Secunia Advisory ID:18463](https://secuniaresearch.flexerasoftware.com/advisories/18463/)\n[Secunia Advisory ID:18534](https://secuniaresearch.flexerasoftware.com/advisories/18534/)\n[Secunia Advisory ID:18549](https://secuniaresearch.flexerasoftware.com/advisories/18549/)\n[Secunia Advisory ID:18642](https://secuniaresearch.flexerasoftware.com/advisories/18642/)\n[Secunia Advisory ID:18674](https://secuniaresearch.flexerasoftware.com/advisories/18674/)\n[Secunia Advisory ID:19230](https://secuniaresearch.flexerasoftware.com/advisories/19230/)\n[Secunia Advisory ID:18313](https://secuniaresearch.flexerasoftware.com/advisories/18313/)\n[Secunia Advisory ID:18349](https://secuniaresearch.flexerasoftware.com/advisories/18349/)\n[Secunia Advisory ID:18373](https://secuniaresearch.flexerasoftware.com/advisories/18373/)\n[Secunia Advisory ID:18425](https://secuniaresearch.flexerasoftware.com/advisories/18425/)\n[Secunia Advisory ID:18428](https://secuniaresearch.flexerasoftware.com/advisories/18428/)\n[Secunia Advisory ID:18448](https://secuniaresearch.flexerasoftware.com/advisories/18448/)\n[Secunia Advisory ID:18517](https://secuniaresearch.flexerasoftware.com/advisories/18517/)\n[Secunia Advisory ID:18554](https://secuniaresearch.flexerasoftware.com/advisories/18554/)\n[Secunia Advisory ID:18679](https://secuniaresearch.flexerasoftware.com/advisories/18679/)\n[Secunia Advisory ID:18913](https://secuniaresearch.flexerasoftware.com/advisories/18913/)\n[Secunia Advisory ID:19798](https://secuniaresearch.flexerasoftware.com/advisories/19798/)\n[Secunia Advisory ID:19797](https://secuniaresearch.flexerasoftware.com/advisories/19797/)\n[Secunia Advisory ID:25729](https://secuniaresearch.flexerasoftware.com/advisories/25729/)\n[Secunia Advisory ID:18303](https://secuniaresearch.flexerasoftware.com/advisories/18303/)\n[Secunia Advisory ID:18335](https://secuniaresearch.flexerasoftware.com/advisories/18335/)\n[Secunia Advisory ID:18389](https://secuniaresearch.flexerasoftware.com/advisories/18389/)\n[Secunia Advisory ID:18385](https://secuniaresearch.flexerasoftware.com/advisories/18385/)\n[Secunia Advisory ID:18312](https://secuniaresearch.flexerasoftware.com/advisories/18312/)\n[Secunia Advisory ID:18416](https://secuniaresearch.flexerasoftware.com/advisories/18416/)\n[Secunia Advisory ID:18387](https://secuniaresearch.flexerasoftware.com/advisories/18387/)\n[Secunia Advisory ID:18423](https://secuniaresearch.flexerasoftware.com/advisories/18423/)\n[Secunia Advisory ID:18436](https://secuniaresearch.flexerasoftware.com/advisories/18436/)\n[Secunia Advisory ID:18503](https://secuniaresearch.flexerasoftware.com/advisories/18503/)\n[Secunia Advisory ID:18644](https://secuniaresearch.flexerasoftware.com/advisories/18644/)\n[Secunia Advisory ID:26413](https://secuniaresearch.flexerasoftware.com/advisories/26413/)\n[Related OSVDB ID: 22235](https://vulners.com/osvdb/OSVDB:22235)\n[Related OSVDB ID: 22233](https://vulners.com/osvdb/OSVDB:22233)\n[Related OSVDB ID: 22234](https://vulners.com/osvdb/OSVDB:22234)\nRedHat RHSA: RHSA-2006:0163\nRedHat RHSA: RHSA-2006:0177\nRedHat RHSA: RHSA-2006:0160\nOther Advisory URL: http://www.ubuntulinux.org/usn/usn-236-1\nOther Advisory URL: http://www.debian.org/security/2006/dsa-940\nOther Advisory URL: http://www.debian.org/security/2006/dsa-938\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1\nOther Advisory URL: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:005\nOther Advisory URL: http://www.trustix.org/errata/2006/0002/\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2006_01_sr.html\nOther Advisory URL: http://www.debian.org/security/2006/dsa-950\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml\nOther Advisory URL: http://www.debian.org/security/2006/dsa-961\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-August/000221.html\nOther Advisory URL: http://www.debian.org/security/2006/dsa-937\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2006_02_sr.html\nOther Advisory URL: http://www.ubuntulinux.org/usn/usn-236-2\nOther Advisory URL: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt\nMail List Post: http://lists.ubuntu.com/archives/ubuntu-security-announce/2006-January/000267.html\n[CVE-2005-3627](https://vulners.com/cve/CVE-2005-3627)\n[CVE-2005-3191](https://vulners.com/cve/CVE-2005-3191)\n", "modified": "2006-01-03T07:33:16", "published": "2006-01-03T07:33:16", "href": "https://vulners.com/osvdb/OSVDB:22236", "id": "OSVDB:22236", "type": "osvdb", "title": "Multiple Product Xpdf/kpdf Stream.cc DCTDecode Stream Processing Multiple Function Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "talos": [{"lastseen": "2017-07-07T16:28:16", "bulletinFamily": "info", "cvelist": ["CVE-2005-3627", "CVE-2017-0319"], "edition": 1, "description": "# Talos Vulnerability Report\n\n### TALOS-2017-2818\n\n## Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability\n\n##### July 7, 2017\n\n##### CVE Number\n\nCVE-2017-0319\n\n### Summary\n\nAn exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.\n\n### Tested Versions\n\nPoppler-0.53.0\n\n### Product URLs\n\n<https://poppler.freedesktop.org/>\n\n### CVSSv3 Score\n\n7.5 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\n\n### CWE\n\nCWE-122: Heap-based Buffer Overflow\n\n### Details\n\nPoppler is a shared library for displaying PDF files, used as middleware within different enterprise and opensource solutions alike (e.g. Gimp). It is forked off of XPDF, and is a complete implementation of the PDF ISO standard.\n\nThe Poppler library, by default, uses a private implementation of reading and rendering images. There is a compilation option for libjpeg support, but the flag is not enabled by default. This private implementation contains assumptions about the JPEG file headers that can lead to heap corruption when broken.\n\nThis vulnerability was formerly found (CVE-2005-3627) with a fix applied to DCTStream::readBaselineSOF, however the bug was not also fixed in the readProgressiveSOF function. A look at the two functions highlights the vulnerability: There should be a check for: `if (numComps <= 0 || numComps > 4)` at [0]\n \n \n GBool DCTStream::readBaselineSOF() {\n int length;\n int prec;\n int i;\n int c;\n \n length = read16();\n prec = str->getChar();\n height = read16();\n width = read16();\n numComps = str->getChar();\n if (numComps <= 0 || numComps > 4) {\n error(errSyntaxError, getPos(), \"Bad number of components in DCT stream\");\n numComps = 0;\n return gFalse;\n \n if (prec != 8) {\n error(errSyntaxError, getPos(), \"Bad DCT precision {0:d}\", prec);\n return gFalse;\n \n //...\n \n GBool DCTStream::readProgressiveSOF() {\n int length;\n int prec;\n int i;\n int c;\n \n length = read16();\n prec = str->getChar();\n height = read16();\n width = read16();\n numComps = str->getChar();\n \n // [0] \n \n if (prec != 8) {\n error(errSyntaxError, getPos(), \"Bad DCT precision {0:d}\", prec);\n return gFalse;\n \n\nAs there is no check on the numComps variable, the subsequent loop in `DCTStream::readProgressiveSOF` can then write past the intended bounds of compInfo[3], and into heap metadata\n \n \n for (i = 0; i < numComps; ++i) {\n compInfo[i].id = str->getChar();\n c = str->getChar();\n compInfo[i].hSample = (c >> 4) & 0x0f;\n compInfo[i].vSample = c & 0x0f;\n compInfo[i].quantTable = str->getChar();\n if (compInfo[i].hSample < 1 || compInfo[i].hSample > 4 ||\n compInfo[i].vSample < 1 || compInfo[i].vSample > 4) {\n error(errSyntaxError, getPos(), \"Bad DCT sampling factor\");\n return gFalse;\n \n if (compInfo[i].quantTable < 0 || compInfo[i].quantTable > 3) {\n error(errSyntaxError, getPos(), \"Bad DCT quant table selector\");\n return gFalse;\n \n\n### Crash Information\n \n \n RAX: 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\n RBX: 0x142dd00 --> 0x1 \n RCX: 0x8 \n RDX: 0xffffffff \n RSI: 0x0 \n RDI: 0x142cf50 --> 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\n RBP: 0x142de00 --> 0x100000001 \n RSP: 0x7ffce0c46010 --> 0x142e450 --> 0x7f8cfffffffd \n RIP: 0x7f8c6dcb15f8 (:close()+40>: 0xe808c383483b8b48)\n R8 : 0x3 \n R9 : 0x142c280 --> 0x142c660 --> 0x0 \n R10: 0x7f8c6d31bbe0 --> 0x0 \n R11: 0x1 \n R12: 0x142e100 --> 0x0 \n R13: 0x142e100 --> 0x0 \n R14: 0x142cf50 --> 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\n R15: 0x0\n EFLAGS: 0x246 (carry PARITY adjust ZERO sign trap INTERRUPT direction overflow)\n \n [-------------------------------------code-------------------------------------]\n 0x7f8c6dcb15e9 <DCTStream::close()+25>: mov r12,r13\n 0x7f8c6dcb15ec <DCTStream::close()+28>: lea rbp,[rbx+0x100]\n 0x7f8c6dcb15f3 <DCTStream::close()+35>: nop DWORD PTR [rax+rax*1+0x0]\n => 0x7f8c6dcb15f8 <DCTStream::close()+40>: mov rdi,QWORD PTR [rbx]\n 0x7f8c6dcb15fb <DCTStream::close()+43>: add rbx,0x8\n 0x7f8c6dcb15ff <DCTStream::close()+47>: call 0x7f8c6dbfd7a0 <[email\u00a0protected]>\n 0x7f8c6dcb1604 <DCTStream::close()+52>: mov QWORD PTR [rbx-0x8],0x0\n 0x7f8c6dcb160c <DCTStream::close()+60>: cmp rbx,rbp\n [------------------------------------stack-------------------------------------]\n 0000| 0x7ffce0c46010 --> 0x142e450 --> 0x7f8cfffffffd \n 0008| 0x7ffce0c46018 --> 0x0 \n 0016| 0x7ffce0c46020 --> 0x142e468 --> 0x8 \n 0024| 0x7ffce0c46028 --> 0x1 \n 0032| 0x7ffce0c46030 --> 0x0 \n 0040| 0x7ffce0c46038 --> 0x7f8c6dc9bdf7 (:getChar(bool)+55>: 0xfff650e1e8e7894c)\n 0048| 0x7ffce0c46040 --> 0x142e450 --> 0x7f8cfffffffd \n 0056| 0x7ffce0c46048 --> 0x1429d98 --> 0xd ('\\r')\n [------------------------------------------------------------------------------]\n Legend: code, data, rodata, value\n \n\n### Timeline\n\n2017-05-17 - Vendor Disclosure \n2017-07-07 - Public Release\n\n##### Credit\n\nDiscovered by Lilith Wyatt of Cisco Talos.\n\n* * *\n\nBack\n", "modified": "2017-07-07T00:00:00", "published": "2017-07-07T00:00:00", "id": "TALOS-2017-2818", "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-2818", "title": "Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability", "type": "talos", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-07-01T21:24:56", "bulletinFamily": "info", "cvelist": ["CVE-2005-3627", "CVE-2017-2818"], "description": "# Talos Vulnerability Report\n\n### TALOS-2017-0319\n\n## Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability\n\n##### July 7, 2017\n\n##### CVE Number\n\nCVE-2017-2818\n\n### Summary\n\nAn exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.\n\n### Tested Versions\n\nPoppler-0.53.0\n\n### Product URLs\n\n<https://poppler.freedesktop.org/>\n\n### CVSSv3 Score\n\n7.5 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\n\n### CWE\n\nCWE-122: Heap-based Buffer Overflow\n\n### Details\n\nPoppler is a shared library for displaying PDF files, used as middleware within different enterprise and opensource solutions alike (e.g. Gimp). It is forked off of XPDF, and is a complete implementation of the PDF ISO standard.\n\nThe Poppler library, by default, uses a private implementation of reading and rendering images. There is a compilation option for libjpeg support, but the flag is not enabled by default. This private implementation contains assumptions about the JPEG file headers that can lead to heap corruption when broken.\n\nThis vulnerability was formerly found (CVE-2005-3627) with a fix applied to DCTStream::readBaselineSOF, however the bug was not also fixed in the readProgressiveSOF function. A look at the two functions highlights the vulnerability: There should be a check for: `if (numComps <= 0 || numComps > 4)` at [0]\n \n \n GBool DCTStream::readBaselineSOF() {\n int length;\n int prec;\n int i;\n int c;\n \n length = read16();\n prec = str->getChar();\n height = read16();\n width = read16();\n numComps = str->getChar();\n if (numComps <= 0 || numComps > 4) {\n error(errSyntaxError, getPos(), \"Bad number of components in DCT stream\");\n numComps = 0;\n return gFalse;\n \n if (prec != 8) {\n error(errSyntaxError, getPos(), \"Bad DCT precision {0:d}\", prec);\n return gFalse;\n \n //...\n \n GBool DCTStream::readProgressiveSOF() {\n int length;\n int prec;\n int i;\n int c;\n \n length = read16();\n prec = str->getChar();\n height = read16();\n width = read16();\n numComps = str->getChar();\n \n // [0] \n \n if (prec != 8) {\n error(errSyntaxError, getPos(), \"Bad DCT precision {0:d}\", prec);\n return gFalse;\n \n\nAs there is no check on the numComps variable, the subsequent loop in `DCTStream::readProgressiveSOF` can then write past the intended bounds of compInfo[3], and into heap metadata\n \n \n for (i = 0; i < numComps; ++i) {\n compInfo[i].id = str->getChar();\n c = str->getChar();\n compInfo[i].hSample = (c >> 4) & 0x0f;\n compInfo[i].vSample = c & 0x0f;\n compInfo[i].quantTable = str->getChar();\n if (compInfo[i].hSample < 1 || compInfo[i].hSample > 4 ||\n compInfo[i].vSample < 1 || compInfo[i].vSample > 4) {\n error(errSyntaxError, getPos(), \"Bad DCT sampling factor\");\n return gFalse;\n \n if (compInfo[i].quantTable < 0 || compInfo[i].quantTable > 3) {\n error(errSyntaxError, getPos(), \"Bad DCT quant table selector\");\n return gFalse;\n \n\n### Crash Information\n \n \n RAX: 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\n RBX: 0x142dd00 --> 0x1 \n RCX: 0x8 \n RDX: 0xffffffff \n RSI: 0x0 \n RDI: 0x142cf50 --> 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\n RBP: 0x142de00 --> 0x100000001 \n RSP: 0x7ffce0c46010 --> 0x142e450 --> 0x7f8cfffffffd \n RIP: 0x7f8c6dcb15f8 (:close()+40>: 0xe808c383483b8b48)\n R8 : 0x3 \n R9 : 0x142c280 --> 0x142c660 --> 0x0 \n R10: 0x7f8c6d31bbe0 --> 0x0 \n R11: 0x1 \n R12: 0x142e100 --> 0x0 \n R13: 0x142e100 --> 0x0 \n R14: 0x142cf50 --> 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\n R15: 0x0\n EFLAGS: 0x246 (carry PARITY adjust ZERO sign trap INTERRUPT direction overflow)\n \n [-------------------------------------code-------------------------------------]\n 0x7f8c6dcb15e9 <DCTStream::close()+25>: mov r12,r13\n 0x7f8c6dcb15ec <DCTStream::close()+28>: lea rbp,[rbx+0x100]\n 0x7f8c6dcb15f3 <DCTStream::close()+35>: nop DWORD PTR [rax+rax*1+0x0]\n => 0x7f8c6dcb15f8 <DCTStream::close()+40>: mov rdi,QWORD PTR [rbx]\n 0x7f8c6dcb15fb <DCTStream::close()+43>: add rbx,0x8\n 0x7f8c6dcb15ff <DCTStream::close()+47>: call 0x7f8c6dbfd7a0 <gfree@plt>\n 0x7f8c6dcb1604 <DCTStream::close()+52>: mov QWORD PTR [rbx-0x8],0x0\n 0x7f8c6dcb160c <DCTStream::close()+60>: cmp rbx,rbp\n [------------------------------------stack-------------------------------------]\n 0000| 0x7ffce0c46010 --> 0x142e450 --> 0x7f8cfffffffd \n 0008| 0x7ffce0c46018 --> 0x0 \n 0016| 0x7ffce0c46020 --> 0x142e468 --> 0x8 \n 0024| 0x7ffce0c46028 --> 0x1 \n 0032| 0x7ffce0c46030 --> 0x0 \n 0040| 0x7ffce0c46038 --> 0x7f8c6dc9bdf7 (:getChar(bool)+55>: 0xfff650e1e8e7894c)\n 0048| 0x7ffce0c46040 --> 0x142e450 --> 0x7f8cfffffffd \n 0056| 0x7ffce0c46048 --> 0x1429d98 --> 0xd ('\\r')\n [------------------------------------------------------------------------------]\n Legend: code, data, rodata, value\n \n\n### Timeline\n\n2017-05-17 - Vendor Disclosure \n2017-07-07 - Public Release\n\n##### Credit\n\nDiscovered by Lilith Wyatt of Cisco Talos.\n\n* * *\n\nVulnerability Reports Next Report\n\nTALOS-2017-0321\n\nPrevious Report\n\nTALOS-2017-0289\n", "edition": 10, "modified": "2017-07-07T00:00:00", "published": "2017-07-07T00:00:00", "id": "TALOS-2017-0319", "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0319", "title": "Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability", "type": "talos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T12:04:19", "description": "### Summary\r\nAn exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.\r\n\r\n### Tested Versions\r\nPoppler-0.53.0\r\n\r\n### Product URLs\r\nhttps://poppler.freedesktop.org/\r\n\r\n### CVSSv3 Score\r\n7.5 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\r\n\r\n### CWE\r\nCWE-122: Heap-based Buffer Overflow\r\n\r\n### Details\r\nPoppler is a shared library for displaying PDF files, used as middleware within different enterprise and opensource solutions alike (e.g. Gimp). It is forked off of XPDF, and is a complete implementation of the PDF ISO standard.\r\nThe Poppler library, by default, uses a private implementation of reading and rendering images. There is a compilation option for libjpeg support, but the flag is not enabled by default. This private implementation contains assumptions about the JPEG file headers that can lead to heap corruption when broken.\r\nThis vulnerability was formerly found (CVE-2005-3627) with a fix applied to DCTStream::readBaselineSOF, however the bug was not also fixed in the readProgressiveSOF function. A look at the two functions highlights the vulnerability: There should be a check for: `if (numComps <= 0 || numComps > 4) `at [0]\r\n```\r\nGBool DCTStream::readBaselineSOF() {\r\n int length;\r\n int prec;\r\n int i;\r\n int c;\r\n\r\n length = read16();\r\n prec = str->getChar();\r\n height = read16();\r\n width = read16();\r\n numComps = str->getChar();\r\n if (numComps <= 0 || numComps > 4) {\r\n error(errSyntaxError, getPos(), \"Bad number of components in DCT stream\");\r\n numComps = 0;\r\n return gFalse;\r\n\r\n if (prec != 8) {\r\n error(errSyntaxError, getPos(), \"Bad DCT precision {0:d}\", prec);\r\n return gFalse;\r\n\r\n//...\r\n\r\n GBool DCTStream::readProgressiveSOF() {\r\n int length;\r\n int prec;\r\n int i;\r\n int c;\r\n\r\n length = read16();\r\n prec = str->getChar();\r\n height = read16();\r\n width = read16();\r\n numComps = str->getChar();\r\n\r\n // [0] \r\n\r\n if (prec != 8) {\r\n error(errSyntaxError, getPos(), \"Bad DCT precision {0:d}\", prec);\r\n return gFalse;\r\n```\r\n\r\nAs there is no check on the numComps variable, the subsequent loop in `DCTStream::readProgressiveSOF` can then write past the intended bounds of compInfo[3], and into heap metadata\r\n```\r\nfor (i = 0; i < numComps; ++i) {\r\n compInfo[i].id = str->getChar();\r\n c = str->getChar();\r\n compInfo[i].hSample = (c >> 4) & 0x0f;\r\n compInfo[i].vSample = c & 0x0f;\r\n compInfo[i].quantTable = str->getChar();\r\n if (compInfo[i].hSample < 1 || compInfo[i].hSample > 4 ||\r\n compInfo[i].vSample < 1 || compInfo[i].vSample > 4) {\r\n error(errSyntaxError, getPos(), \"Bad DCT sampling factor\");\r\n return gFalse;\r\n\r\n if (compInfo[i].quantTable < 0 || compInfo[i].quantTable > 3) {\r\n error(errSyntaxError, getPos(), \"Bad DCT quant table selector\");\r\n return gFalse;\r\n```\r\n\r\n### Crash Information\r\n```\r\nRAX: 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\r\nRBX: 0x142dd00 --> 0x1 \r\nRCX: 0x8 \r\nRDX: 0xffffffff \r\nRSI: 0x0 \r\nRDI: 0x142cf50 --> 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\r\nRBP: 0x142de00 --> 0x100000001 \r\nRSP: 0x7ffce0c46010 --> 0x142e450 --> 0x7f8cfffffffd \r\nRIP: 0x7f8c6dcb15f8 (:close()+40>: 0xe808c383483b8b48)\r\nR8 : 0x3 \r\nR9 : 0x142c280 --> 0x142c660 --> 0x0 \r\nR10: 0x7f8c6d31bbe0 --> 0x0 \r\nR11: 0x1 \r\nR12: 0x142e100 --> 0x0 \r\nR13: 0x142e100 --> 0x0 \r\nR14: 0x142cf50 --> 0x7f8c6dfbaf50 --> 0x7f8c6dcb2760 (:~DCTStream()>: 0x530030b6c9058b48)\r\nR15: 0x0\r\nEFLAGS: 0x246 (carry PARITY adjust ZERO sign trap INTERRUPT direction overflow)\r\n\r\n[-------------------------------------code-------------------------------------]\r\n0x7f8c6dcb15e9 <DCTStream::close()+25>: mov r12,r13\r\n0x7f8c6dcb15ec <DCTStream::close()+28>: lea rbp,[rbx+0x100]\r\n0x7f8c6dcb15f3 <DCTStream::close()+35>: nop DWORD PTR [rax+rax*1+0x0]\r\n=> 0x7f8c6dcb15f8 <DCTStream::close()+40>: mov rdi,QWORD PTR [rbx]\r\n0x7f8c6dcb15fb <DCTStream::close()+43>: add rbx,0x8\r\n0x7f8c6dcb15ff <DCTStream::close()+47>: call 0x7f8c6dbfd7a0 <gfree@plt>\r\n0x7f8c6dcb1604 <DCTStream::close()+52>: mov QWORD PTR [rbx-0x8],0x0\r\n0x7f8c6dcb160c <DCTStream::close()+60>: cmp rbx,rbp\r\n[------------------------------------stack-------------------------------------]\r\n0000| 0x7ffce0c46010 --> 0x142e450 --> 0x7f8cfffffffd \r\n0008| 0x7ffce0c46018 --> 0x0 \r\n0016| 0x7ffce0c46020 --> 0x142e468 --> 0x8 \r\n0024| 0x7ffce0c46028 --> 0x1 \r\n0032| 0x7ffce0c46030 --> 0x0 \r\n0040| 0x7ffce0c46038 --> 0x7f8c6dc9bdf7 (:getChar(bool)+55>: 0xfff650e1e8e7894c)\r\n0048| 0x7ffce0c46040 --> 0x142e450 --> 0x7f8cfffffffd \r\n0056| 0x7ffce0c46048 --> 0x1429d98 --> 0xd ('\\r')\r\n[------------------------------------------------------------------------------]\r\nLegend: code, data, rodata, value\r\n```\r\n\r\n### Timeline\r\n* 2017-05-17 - Vendor Disclosure\r\n* 2017-07-07 - Public Release\r\n\r\n### CREDIT\r\n* Discovered by Lilith Wyatt of Cisco Talos.", "published": "2017-09-14T00:00:00", "type": "seebug", "title": "Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability(CVE-2017-2818)", "bulletinFamily": "exploit", "cvelist": ["CVE-2005-3627", "CVE-2017-2818"], "modified": "2017-09-14T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-96476", "id": "SSV:96476", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": ""}], "ubuntu": [{"lastseen": "2020-07-09T19:36:04", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "description": "USN-236-1 fixed several vulnerabilities in xpdf. kpdf and kword \ncontain copies of xpdf code and are thus vulnerable to the same \nissues.\n\nFor reference, this is the original advisory:\n\nChris Evans discovered several integer overflows in the XPDF code, \nwhich is present in xpdf, the Poppler library, and tetex-bin. By \ntricking an user into opening a specially crafted PDF file, an \nattacker could exploit this to execute arbitrary code with the \nprivileges of the application that processes the document.", "edition": 5, "modified": "2006-01-09T00:00:00", "published": "2006-01-09T00:00:00", "id": "USN-236-2", "href": "https://ubuntu.com/security/notices/USN-236-2", "title": "xpdf vulnerabilities in kword, kpdf", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T19:36:34", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "description": "Chris Evans discovered several integer overflows in the XPDF code, \nwhich is present in xpdf, the Poppler library, and tetex-bin. By \ntricking an user into opening a specially crafted PDF file, an \nattacker could exploit this to execute arbitrary code with the \nprivileges of the application that processes the document.\n\nThe CUPS printing system also uses XPDF code to convert PDF files to \nPostScript. By attempting to print such a crafted PDF file, a remote \nattacker could execute arbitrary code with the privileges of the \nprinter server (user 'cupsys').", "edition": 5, "modified": "2006-01-06T00:00:00", "published": "2006-01-06T00:00:00", "id": "USN-236-1", "href": "https://ubuntu.com/security/notices/USN-236-1", "title": "xpdf vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:53", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3626", "CVE-2005-3625", "CVE-2005-3624"], "description": "### Background\n\nXpdf is a PDF file viewer that runs under the X Window System. Poppler is a PDF rendering library based on the Xpdf 3.0 code base. GPdf is a PDF file viewer for the GNOME 2 platform, also based on Xpdf. libextractor is a library which includes Xpdf code to extract arbitrary meta-data from files. pdftohtml is a utility to convert PDF files to HTML or XML formats that makes use of Xpdf code to decode PDF files. \n\n### Description\n\nChris Evans has reported some integer overflows in Xpdf when attempting to calculate buffer sizes for memory allocation, leading to a heap overflow and a potential infinite loop when handling malformed input files. \n\n### Impact\n\nBy sending a specially crafted PDF file to a victim, an attacker could cause an overflow, potentially resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Xpdf users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/xpdf-3.01-r5\"\n\nAll Poppler users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/poppler-0.4.3-r4\"\n\nAll GPdf users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/gpdf-2.10.0-r3\"\n\nAll libextractor users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libextractor-0.5.9\"\n\nAll pdftohtml users should migrate to the latest stable version of Poppler.", "edition": 1, "modified": "2006-01-30T00:00:00", "published": "2006-01-30T00:00:00", "id": "GLSA-200601-17", "href": "https://security.gentoo.org/glsa/200601-17", "type": "gentoo", "title": "Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:11", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "### Background\n\nKPdf is a KDE-based PDF viewer included in the kdegraphics package. KWord is a KDE-based word processor also included in the koffice package. \n\n### Description\n\nKPdf and KWord both include Xpdf code to handle PDF files. This Xpdf code is vulnerable to several heap overflows (GLSA 200512-08) as well as several buffer and integer overflows discovered by Chris Evans (CESA-2005-003). \n\n### Impact\n\nAn attacker could entice a user to open a specially crafted PDF file with Kpdf or KWord, potentially resulting in the execution of arbitrary code with the rights of the user running the affected application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll kdegraphics users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kdegraphics-3.4.3-r3\"\n\nAll Kpdf users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kpdf-3.4.3-r3\"\n\nAll KOffice users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-office/koffice-1.4.2-r6\"\n\nAll KWord users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-office/kword-1.4.2-r6\"", "edition": 1, "modified": "2006-01-07T00:00:00", "published": "2006-01-04T00:00:00", "id": "GLSA-200601-02", "href": "https://security.gentoo.org/glsa/200601-02", "type": "gentoo", "title": "KPdf, KWord: Multiple overflows in included Xpdf code", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "talosblog": [{"lastseen": "2017-07-29T13:22:40", "bulletinFamily": "blog", "cvelist": ["CVE-2005-3627", "CVE-2017-2814", "CVE-2017-2818", "CVE-2017-2820"], "description": "<div dir=\"ltr\" style=\"text-align: left;\" trbidi=\"on\">Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos.<br /><br /><h3 style=\"text-align: left;\">Overview</h3>Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim's machine. If an attacker builds a specially crafted PDF document and the victim opens it, the attackers code will be executed with the privileges of the local user. <br /><br /><a name='more'></a><br /><h3 style=\"text-align: left;\">Details</h3><div style=\"text-align: left;\">Poppler is a shared library for displaying PDF files, used as middleware within different enterprise and open source solutions (e.g. Gimp). It is forked off from XPDF and is a complete implementation of the PDF ISO standard. Talos identified three remote code execution vulnerabilities in the Poppler library.<br /><br /><b>TALOS-2017-0311 / CVE-2017-2814</b> - Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability<br /><br />An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an image resizing after allocation has already occurred, resulting in a heap corruption triggered in the DCTStream::readScan() function. This can lead to code execution with the local user rights.<br /><br /><b>TALOS-2017-0319 / CVE-2017-2818</b> - Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability<br /><br />Talos found an exploitable heap overflow vulnerability in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in a heap corruption. This can be used by an attacker to craft a PDF file that executes malicious code on the victim's computer with the rights of the local user.<br /><br />This vulnerability was formerly found (CVE-2005-3627), with a fix applied to DCTStream::readBaselineSOF, however the bug was missed in the readProgressiveSOF function.<br /><br /><b>TALOS-2017-0321 / CVE-2017-2820 - </b><span id=\"summary_alias_container\"><span id=\"short_desc_nonedit_display\">Poppler PDF library JPEG2000 levels Code Execution Vulnerability</span></span></div><div style=\"text-align: left;\"><br />Talos discovered an exploitable integer overflow vulnerability in the JPEG 2000 image parsing functionality of the Poppler 0.53.0 library. An attacker can build a specially crafted PDF file that uses this bug to trigger an integer overflow. Later in the code execution flow, this can lead to memory getting overwritten on the heap resulting in a potential arbitrary code execution with the rights of the local user. Like with the other two vulnerabilities before, a victim must open the malicious PDF in an application using this library to exploit this vulnerability. One example of a vulnerable application is the default PDF reader Evince, shipped with the latest version of Ubuntu Linux. </div><div style=\"text-align: left;\"></div><div style=\"text-align: left;\"><br /><h3 style=\"text-align: left;\">Additional Notes</h3>We would like to highlight that TALOS-2017-0311 and TALOS-2017-0321 are in Poppler's internal, unmaintained JPEG and JPEG2000 decoders which shouldn't ever be used. Even Poppler\u2019s documentation strongly suggests not using them. It is highly recommended to build the Poppler library with more robust and up to date external implementations such as libjpeg and openjpeg. However, Ubuntu does not do this by default for JPEG2000 and will use the unmaintained code, thus making Ubuntu-compiled versions vulnerable to these issues.<br /><br />Talos is seeing client side attacks based on malicious PDF files on a daily base. If your company is using a Popper based application, it is possible that an attacker could use one of these vulnerabilities against it in a targeted attack. This shows how important it is to keep all applications up to date and not only the operation system.</div><div style=\"text-align: left;\"></div><div style=\"text-align: left;\"><br />More technical details can be found in the Talos Vulnerability Reports: </div><div style=\"text-align: left;\"><a href=\"http://www.talosintelligence.com/reports/TALOS-2017-0311\">TALOS-2017-0311</a></div><div style=\"text-align: left;\"><a href=\"http://www.talosintelligence.com/reports/TALOS-2017-0319\">TALOS-2017-0319</a></div><div style=\"text-align: left;\"><a href=\"http://www.talosintelligence.com/reports/TALOS-2017-0321\">TALOS-2017-0321</a></div><div style=\"text-align: left;\"></div><div style=\"text-align: left;\"><br /></div><h3 style=\"text-align: left;\">Coverage</h3><div style=\"text-align: left;\">The following Snort Rules will detect exploitation attempts of this vulnerability. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your FireSIGHT Management Center or Snort.org<br /><br />Snort rules: 42273-42274, 42319 - 42320 , 42352-42353</div></div><div class=\"feedflare\">\n<a href=\"http://feeds.feedburner.com/~ff/feedburner/Talos?a=Epb7zux15g4:WfmtXYq2U6Y:yIl2AUoC8zA\"><img src=\"http://feeds.feedburner.com/~ff/feedburner/Talos?d=yIl2AUoC8zA\" border=\"0\"></img></a>\n</div><img src=\"http://feeds.feedburner.com/~r/feedburner/Talos/~4/Epb7zux15g4\" height=\"1\" width=\"1\" alt=\"\"/>", "modified": "2017-07-07T15:27:54", "published": "2017-07-07T08:27:00", "id": "TALOSBLOG:E92A35ABBB4E772E08533C6C9DA50867", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/Epb7zux15g4/vulnerability-spotlight-talos-2017.html", "title": "Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library", "type": "talosblog", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:20", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2097", "CVE-2006-0301", "CVE-2006-0746", "CVE-2005-0064", "CVE-2004-1125", "CVE-2005-3193", "CVE-2004-0888"], "description": "[7:3.3.1-3.9 ]\n- apply xpdf-splash-overflow-CVE-2006-0301-fix.diff to fix CVE-2006-0301 (#184307)\n[7:3.3.1-3.8]\n- apply xpdf-splash-overflow-CVE-2006-0301-fix.diff to fix CVE-2006-0301 (#179055)\n[7:3.3.1-3.7]\n- apply patch to fix buffer overflow issue in the xpdf codebase\n when handling splash images CVE-2006-0301 (#179055)\n[7:3.3.1-3.6]\n- better fix for CAN-2005-3193\n[7:3.3.1-3.5]\n- add BuildRequires: libieee1284-devel #168356\n- backport patch to fix CAN-2005-3193, #175105\n[7:3.3.1-3.4]\n- apply patch to fix kpdf DoS CAN-2005-2097, #163925\n[7:3.3.1-3.3]\n- More fixing of CAN-2004-0888 patch (bug #135393)\n[3.3.1-3.2]\n- Applied patch to fix CAN-2005-0064\n[7:3.3.1-3.1]\n- Applied patch to fix CAN-2004-1125\n[7:3.3.1-2]\n- fix kfax to use system libtiff\n[7:3.3.1-1]\n- update to 3.3.1\n[7:3.3.0-3]\n- fix typo in buildrequires #135007\n[7:3.3.0-2]\n- only show kcmkmrml in KDE\n- set variables before use\n[3.3.0-1]\n- update to 3.3.0\n[3.3.0-0.1.rc2]\n- update to 3.3.0 rc2\n[7:3.2.3-1]\n- update to 3.2.3\n[7:3.2.2-1]\n- update to 3.2.2\n[7:3.2.1-1]\n- 3.2.1 release\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[7:3.2.0-1.4]\n- fix typo bug, _smp_mflags instead smp_mflags\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[7:3.2.0-0.3]\n- 3.2.0 release\n- built against qt 3.3.0\n- add prereq /sbin/ldconfig\n[7:3.1.95-0.1]\n- KDE 3.2 RC1\n[7:3.1.94-0.1]\n- KDE 3.2 Beta2\n[7:3.1.93-0.2]\n- get rid of rpath\n[7:3.1.93-0.1]\n- KDE 3.2 Beta1\n- cleanup\n[7:3.1.4-1]\n- 3.1.4\n[7:3.1.3-4]\n- disable kpovmodeler temporary. waiting for freeglut\n[7:3.1.3-3]\n- fixed build problem with new gcc\n[7:3.1.3-2]\n- rebuilt\n[7:3.1.3-1]\n- 3.1.3\n[3.1.2-4]\n- disable kpovmodeler temporary. waiting for freeglut\n- built with gcc-3.3-12\n- remove excludearch s390/s390x\n[7:3.1.2-3.1]\n- added epoch for versioned requires where needed\n- built for RHEL\n* Wed Jun 04 2003 Elliot Lee \n- rebuilt\n[3.1.2-2]\n- 3.1.2\n[3.1.1-2]\n- PS/PDF file handling vulnerability\n[3.1.1-1]\n- 3.1.1\n* Mon Feb 24 2003 Elliot Lee \n- debuginfo rebuild\n[3.1-3]\n- get rid of gcc path from dependency_libs\n* Wed Feb 19 2003 Elliot Lee \n- BuildRequires: glut-devel if kpovmodeler\n[3.1-1]\n- 3.1 release\n- remove excludearch ia64\n- remove some unneeded macros\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[3.1-0.3]\n- rc6\n- exclude ia64\n[3.1-0.2]\n- fix desktop file issues\n- get rid of su packages\n[3.1-0.1]\n- update to 3.1 rc4\n[3.0.5-1]\n- update to 3.0.5\n[3.0.4-1]\n- 3.0.4\n* Sun Aug 25 2002 Florian La Roche \n- compile on mainframe\n* Wed Aug 14 2002 Florian La Roche \n- change spec file to work for more archs\n[3.0.3-1]\n- 3.0.3\n- build using gcc-3.2-0.3\n[3.0.2-4]\n- desktop files issues (bug #71018)\n[3.0.2-3]\n- build using gcc-3.2-0.1\n[3.0.2-2]\n- fix desktop files issue\n[3.0.2-1]\n- 3.0.2\n- use desktop-file-install\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[3.0.1-1]\n- 3.0.1\n[3.0.0-5]\n- rename libraries\n[3.0.0-4]\n- Fix libkviewpart.* duplication (kview and kviewshell, #62749)\n- Shut up rpmlint\n[3.0.0-3]\n- Obsolete the old monolithic package\n- Fix build with gcc 3.1\n[3.0.0-2]\n- fix deps problem\n[3.0.0-1]\n- 3.0.0 final\n[3.0.0-0.cvs20020321.1]\n- Add docs for kooka and kuickshow and kfile PostScript plugin\n[3.0.0-0.cvs20020306.1]\n- Update\n- Rename subpackages\n- Dont build kamera on alpha\n[3.0.0-0.cvs20011226.1]\n- Update\n- Reorganize package\n[2.2-0.cvs20010726.1]\n- The -devel package has kscan-related files -n only. Since kscan isnt built\n on s390/s390x, dont build the devel package there.\n[2.2-0.cvs20010724.1]\n- Add more build dependencies (#48970)\n- Remove ia64 workarounds, no longer needed\n- Update\n[2.2-0.cvs20010723.1]\n- Restore -devel package, got lost during the update\n- Fix build on s390/s390x\n- Update\n[2.2-0.cvs20010722.2]\n- Make symlinks relative\n- Update\n* Wed Feb 21 2001 Bernhard Rosenkraenzer \n- 2.1-respin\n* Tue Feb 20 2001 Bernhard Rosenkraenzer \n- 2.1\n* Fri Feb 16 2001 Than Ngo \n- fix to build against glibc\n* Tue Feb 06 2001 Bernhard Rosenkraenzer \n- Get rid of libkdefakes.so.0 dependency\n* Mon Jan 22 2001 Bernhard Rosenkraenzer \n- Update\n* Mon Jan 01 2001 Bernhard Rosenkraenzer \n- Update\n* Wed Dec 20 2000 Bernhard Rosenkraenzer \n- Update\n- Stop excluding ia64\n* Wed Nov 15 2000 Bernhard Rosenkraenzer \n- Update to HEAD\n* Fri Nov 03 2000 Bernhard Rosenkraenzer \n- Update to KDE_2_0_BRANCH\n* Mon Oct 23 2000 Bernhard Rosenkraenzer \n- 2.0 final\n* Thu Aug 24 2000 Than Ngo \n- update to kdegraphics-1.93\n* Sun Aug 20 2000 Than Ngo \n- add missing kdegraphic2 package\n* Mon Aug 07 2000 Bernhard Rosenkraenzer \n- new version\n* Tue Jul 25 2000 Bernhard Rosenkraenzer \n- new snapshot\n- work around compiler bug by disabling kcoloredit for now, FIXME\n* Fri Jul 21 2000 Bernhard Rosenkraenzer \n- new snapshot\n- SMPify build\n* Sun Jul 16 2000 Than Ngo \n- use gcc 2.96\n- new snapshot\n- fix docdir\n* Fri Jun 23 2000 Bernhard Rosenkraenzer \n- Add Epoch - for some reason, rpm thinks 1.1.2 > 1.92.20000623.\n* Tue Jun 20 2000 Bernhard Rosenkraenzer \n- new snapshot\n- ExcludeArch ia64 for now\n* Sat Mar 18 2000 Bernhard Rosenkraenzer \n- new snapshot\n- move it to /usr, where it belongs\n* Sun Oct 24 1999 Bernhard Rosenkraenzer \n- Fix compilation\n* Fri Oct 22 1999 Bernhard Rosenkraenzer \n- 2.0 CVS\n* Fri Sep 24 1999 Preston Brown \n- mark doc files as such\n* Wed Sep 08 1999 Preston Brown \n- upgraded to 1.1.2 release\n* Fri Jun 11 1999 Preston Brown \n- snapshot, includes kde 1.1.1 + fixes\n* Mon Apr 19 1999 Preston Brown \n- last snapshot before release\n* Mon Apr 12 1999 Preston Brown \n- latest stable snapshot\n* Wed Feb 24 1999 Preston Brown \n- Injected new description and group.\n* Mon Feb 08 1999 Preston Brown \n- upgraded to KDE 1.1 final.\n* Sat Feb 06 1999 Preston Brown \n- updates to new libstdc++ and rpm standards.\n* Wed Jan 06 1999 Preston Brown \n- re-merged in updates from Duncan Haldane", "edition": 5, "modified": "2006-11-30T00:00:00", "published": "2006-11-30T00:00:00", "id": "ELSA-2006-0262", "href": "http://linux.oracle.com/errata/ELSA-2006-0262.html", "title": "kdegraphics security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:40:16", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3627", "CVE-2005-3192", "CVE-2005-3626", "CVE-2005-3191", "CVE-2005-3625", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3628"], "description": "\"infamous41md\", Chris Evans and Dirk Mueller discovered multiple places in xpdf code where integer variables are insufficiently checked for range or overflow. Specially crafted PDF files could lead to executing arbitrary code. Copies of xpdf code are also contained in cups, kpdf, kword, gpdf, libextractor, pdf2html, poppler and tetex. Updates for those are in the works.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2006-01-11T12:03:37", "published": "2006-01-11T12:03:37", "id": "SUSE-SA:2006:001", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-01/msg00007.html", "title": "remote code execution in xpdf,kpdf,gpdf,kword", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}