Skip to navigation

Security Advisory Moderate: tetex security update

Advisory: RHSA-2012:1201-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-08-23
Last updated on: 2012-08-23
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2010-2642
CVE-2010-3702
CVE-2010-3704
CVE-2011-0433
CVE-2011-0764
CVE-2011-1552
CVE-2011-1553
CVE-2011-1554

Details

Updated tetex packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

teTeX is an implementation of TeX. TeX takes a text file and a set of
formatting commands as input, and creates a typesetter-independent DeVice
Independent (DVI) file as output.

teTeX embeds a copy of t1lib to rasterize bitmaps from PostScript Type 1
fonts. The following issues affect t1lib code:

Two heap-based buffer overflow flaws were found in the way t1lib processed
Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened
by teTeX, it could cause teTeX to crash or, potentially, execute arbitrary
code with the privileges of the user running teTeX. (CVE-2010-2642,
CVE-2011-0433)

An invalid pointer dereference flaw was found in t1lib. A specially-crafted
font file could, when opened, cause teTeX to crash or, potentially, execute
arbitrary code with the privileges of the user running teTeX.
(CVE-2011-0764)

A use-after-free flaw was found in t1lib. A specially-crafted font file
could, when opened, cause teTeX to crash or, potentially, execute arbitrary
code with the privileges of the user running teTeX. (CVE-2011-1553)

An off-by-one flaw was found in t1lib. A specially-crafted font file could,
when opened, cause teTeX to crash or, potentially, execute arbitrary code
with the privileges of the user running teTeX. (CVE-2011-1554)

An out-of-bounds memory read flaw was found in t1lib. A specially-crafted
font file could, when opened, cause teTeX to crash. (CVE-2011-1552)

teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF)
file viewer, to allow adding images in PDF format to the generated PDF
documents. The following issues affect Xpdf code:

An uninitialized pointer use flaw was discovered in Xpdf. If pdflatex was
used to process a TeX document referencing a specially-crafted PDF file, it
could cause pdflatex to crash or, potentially, execute arbitrary code with
the privileges of the user running pdflatex. (CVE-2010-3702)

An array index error was found in the way Xpdf parsed PostScript Type 1
fonts embedded in PDF documents. If pdflatex was used to process a TeX
document referencing a specially-crafted PDF file, it could cause pdflatex
to crash or, potentially, execute arbitrary code with the privileges of the
user running pdflatex. (CVE-2010-3704)

Red Hat would like to thank the Evince development team for reporting
CVE-2010-2642. Upstream acknowledges Jon Larimer of IBM X-Force as the
original reporter of CVE-2010-2642.

All users of tetex are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
tetex-3.0-33.15.el5_8.1.src.rpm     MD5: 3c84423b808cd29a5ea7326deb1c2f66
SHA-256: de769c7b7fdcc8e0475c66ed48a5617bee9b49744a87c6700905d368688401c8
 
IA-32:
tetex-3.0-33.15.el5_8.1.i386.rpm     MD5: 5be2862ec418d9f3835f315f10ea00c7
SHA-256: d153f519ad48584dfae365d5e993b699c0e8c329045e31bc38d446cba861461f
tetex-afm-3.0-33.15.el5_8.1.i386.rpm     MD5: 8d70f8bf1f6997a8a5fe8b1b90c0be06
SHA-256: 66fa0c989a46a73e81ede2f13d23ca2e8bee05229e1eb2e44f8360d8873c28e0
tetex-debuginfo-3.0-33.15.el5_8.1.i386.rpm     MD5: ecce179fcf78a496f52daab4c6519922
SHA-256: eabe4a7bf843ca043d30854af5adae7b6bc72ab7e4d75d2bd42c8365b1af4656
tetex-doc-3.0-33.15.el5_8.1.i386.rpm     MD5: 286557ee568eab0ac2fb55366da8cf64
SHA-256: 56e68ee5daf1555e77b5187481d19f7b0d9bd567e1a2c718869a49dcea265c34
tetex-dvips-3.0-33.15.el5_8.1.i386.rpm     MD5: bb0389aa94764c82297e18c8267e7b4b
SHA-256: 115afd455133615e0f64c507a0bfb0e76192bf3859b81aab8bf9843c5a333f93
tetex-fonts-3.0-33.15.el5_8.1.i386.rpm     MD5: 16db00d548678ff9db105a20a72cc72f
SHA-256: f771558fb4d52f4a7e8893a6bd1dd34aa9aa626e259b1781a8594a493b7ed662
tetex-latex-3.0-33.15.el5_8.1.i386.rpm     MD5: 1582014084cf4d4eae77429d8ec90a9d
SHA-256: 75e40814e3a21a67ec9accf123283a71410e97940674a1642d7c3b46fbf68c60
tetex-xdvi-3.0-33.15.el5_8.1.i386.rpm     MD5: b6ef9d698f6bae5890d62727a9d3965b
SHA-256: e21a992a329f10ac7660860cd43e3a222f221ad2162cc5e13a81e82c36dbf247
 
IA-64:
tetex-3.0-33.15.el5_8.1.ia64.rpm     MD5: 217efc48c581cd2485726d1d3b982768
SHA-256: e54b76b78c57d1f04a4b8d343ff7018ef7fce4ace99efb5aba5bdf966e1d9708
tetex-afm-3.0-33.15.el5_8.1.ia64.rpm     MD5: e380e3bea0d60a74ac9660bfd229776e
SHA-256: 2335b23c4fee14aa8fdbf30bc34eb091d95e309e94326849dc6f26f53882e1cc
tetex-debuginfo-3.0-33.15.el5_8.1.ia64.rpm     MD5: 06772910f37256dd9fe435c5af8ae548
SHA-256: 4348862a28dc6691799f3cb62f9b8408f0933a8daa2f2f0543ac9e9b85135b5c
tetex-doc-3.0-33.15.el5_8.1.ia64.rpm     MD5: 4ae53976dfa07c34bb57466832acc233
SHA-256: 8d4c8902bd10117b6e3d1136e1134e979c96bbb5b888c3ae5cb0e627d0ea1c60
tetex-dvips-3.0-33.15.el5_8.1.ia64.rpm     MD5: d52bba1c1c03a5b55928709f4fdcb795
SHA-256: e3f0557598a5b9abdbb310e9559b0c4a1efd9eca71cbd970c380f7ff16b1aa0b
tetex-fonts-3.0-33.15.el5_8.1.ia64.rpm     MD5: 4197ac0f020728745f8714be7843d070
SHA-256: bd019d312adc2768fb9854e8e82b0e82c69fcc556fc99caffa52797b209a02fc
tetex-latex-3.0-33.15.el5_8.1.ia64.rpm     MD5: 7f921c9217c4c488a169752c665ffb27
SHA-256: 48ff1d2103d31bb301614a95608023393fb7222856d1ca7973f77a572d63777c
tetex-xdvi-3.0-33.15.el5_8.1.ia64.rpm     MD5: 03c80640322847054b4242ba733f4ff9
SHA-256: 3088dc8cbb3bd751b518358cc3b5a121a1dbe14be6ac45468bb582ff5c4bea0f
 
PPC:
tetex-3.0-33.15.el5_8.1.ppc.rpm     MD5: c33454ea2c9a5b5503ca1c2cbd1105c6
SHA-256: d3713b2cae8ec58b39c8a4771479461751958973009d902e432379ce7e75b1b5
tetex-afm-3.0-33.15.el5_8.1.ppc.rpm     MD5: 625a33e20d187604d524a6525017dc93
SHA-256: a875e4277df6a267be5b309fff3a488b5bc09b44ba062d6b5c2040c1ff440ee6
tetex-debuginfo-3.0-33.15.el5_8.1.ppc.rpm     MD5: 30edc6640ab88ccd40bbca8e8c8ec8be
SHA-256: ca5c67b5f2a225f7028aa94a6443a1b9bef36adae4d9a63ec7a96a684db277d9
tetex-doc-3.0-33.15.el5_8.1.ppc.rpm     MD5: f307657efadd26ae1d16164b7489e838
SHA-256: 5a72f4519dfe6067a62568edbcf3b631859b59cf8c1f8b14876b6b1fb4778305
tetex-dvips-3.0-33.15.el5_8.1.ppc.rpm     MD5: 44e8c75f898d52b8e87b35d845a5ee17
SHA-256: 42407e49da32ecba88ef060abf0be36c9ad640c64ab9d80f7c49a9368ce2ed13
tetex-fonts-3.0-33.15.el5_8.1.ppc.rpm     MD5: 38736878fa7403cf37faab26a781a36e
SHA-256: e091d2bfb807f73fe0288589110fcb7e16e57062ec2eb43e5c1db062199988b4
tetex-latex-3.0-33.15.el5_8.1.ppc.rpm     MD5: da0f4bc4e42d2a7650193e432a5c4113
SHA-256: e001e05316493157e033103caa79c9ef05f28ca773047b8fcd9aac72010ecfb8
tetex-xdvi-3.0-33.15.el5_8.1.ppc.rpm     MD5: 8f7e9583c21b0866decdff054da388c3
SHA-256: a090a9961f70bf213dcd1515c8f394d93301a1db724efcea734dc2ba3dfb9cb0
 
s390x:
tetex-3.0-33.15.el5_8.1.s390x.rpm     MD5: cbef7b3ef33103b0dc6b22574e72477f
SHA-256: 5891fcd751b8ed5175602249945dac2b9c7b0d69b9c80beb4dea6da68e00b065
tetex-afm-3.0-33.15.el5_8.1.s390x.rpm     MD5: 416bb532e0d0cfae6717424016472165
SHA-256: 4b56c18d849bfc11440bb01b3fa866708ebd89dc00467fe7a1745315fc37fe34
tetex-debuginfo-3.0-33.15.el5_8.1.s390x.rpm     MD5: 7413bc6a3823a2c76a3fd48f7434284b
SHA-256: fe64179cd9930b2c02ef6c74d5acc7d8669fe2ee4693f248aa68b5f3690ac114
tetex-doc-3.0-33.15.el5_8.1.s390x.rpm     MD5: dd215346ba6dd95406728e264622db7a
SHA-256: 024574a932e660dafbadaa26c5aa4e3f0be7b0164c5679558c65517220b969f0
tetex-dvips-3.0-33.15.el5_8.1.s390x.rpm     MD5: cb8833b3b9cd6d33b7dfff2a8702abd5
SHA-256: c87c9eaaea7fb58df4656705dca6119caebe41340f866367d0f631878bf36581
tetex-fonts-3.0-33.15.el5_8.1.s390x.rpm     MD5: 783eb93f396b73101a118d8f0e083499
SHA-256: e0e44faa33366feed24ed19745c6b2ce623b4ff8ddc5a4ba0d5f931c2b06980b
tetex-latex-3.0-33.15.el5_8.1.s390x.rpm     MD5: 6585aba96c7373d6c10ef00e3effe531
SHA-256: 87593d34822a160aa34e33114de4c1cd3beccaec66b906635491a8db34447129
tetex-xdvi-3.0-33.15.el5_8.1.s390x.rpm     MD5: 87b242b6b2da25b36b246f947b462a58
SHA-256: 64c0aa9de09dfa47b5584e57526f1e76fe12e0560d28dcf755345ad67a0484ea
 
x86_64:
tetex-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 6e88737de02048736aa5cded7f7a5217
SHA-256: b0de7acb743bb0d63a04874bb5874ad218154ba595bf40b0f6db6e6228c0c48e
tetex-afm-3.0-33.15.el5_8.1.x86_64.rpm     MD5: f82347ebbbe0ac0a5920e3aaf01cd562
SHA-256: 95210db50c44a9fef57f1dca598806465db8294cddf4e904bf5782e12ee1b106
tetex-debuginfo-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 52a883a8a84fd3810c78a43075f0cc84
SHA-256: 9a7884acc7ab148bbb223d7f797c646b6353e1c945c8735e2029a603ced68d6c
tetex-doc-3.0-33.15.el5_8.1.x86_64.rpm     MD5: f62747c486ea51a952f741c6bcefa2a6
SHA-256: 5f6c36ec0f5110bdccb805bc2b5222bbdbc09ecc42d6af2fa0a0d6cffd0a2e74
tetex-dvips-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 0e577dafc6beb9be4092c84e0fad1f91
SHA-256: 386f1f8b0d651bccddeb3ebdf45d4b4f4c19f828c2fb86c3c491a9109132b358
tetex-fonts-3.0-33.15.el5_8.1.x86_64.rpm     MD5: a511d2bbc586d8db3e09d086f55aea08
SHA-256: 9e4982c6bc361a355cf9296bb359c79165d96abd03872dc26a0e7cac3b0a26de
tetex-latex-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 10082fb3e0320771e087cefac32d5922
SHA-256: 5702e21408b2308cae52d7b046f57ff7ac6271a23533f824dfd63ee756740483
tetex-xdvi-3.0-33.15.el5_8.1.x86_64.rpm     MD5: a6a9ceca08012bb5596f3396c2e6ecc8
SHA-256: 7587da0c607a49ee896b84a574976bddefa48083fcda150b00dc4cefe18dc29f
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
tetex-3.0-33.15.el5_8.1.src.rpm     MD5: 3c84423b808cd29a5ea7326deb1c2f66
SHA-256: de769c7b7fdcc8e0475c66ed48a5617bee9b49744a87c6700905d368688401c8
 
IA-32:
tetex-3.0-33.15.el5_8.1.i386.rpm     MD5: 5be2862ec418d9f3835f315f10ea00c7
SHA-256: d153f519ad48584dfae365d5e993b699c0e8c329045e31bc38d446cba861461f
tetex-afm-3.0-33.15.el5_8.1.i386.rpm     MD5: 8d70f8bf1f6997a8a5fe8b1b90c0be06
SHA-256: 66fa0c989a46a73e81ede2f13d23ca2e8bee05229e1eb2e44f8360d8873c28e0
tetex-debuginfo-3.0-33.15.el5_8.1.i386.rpm     MD5: ecce179fcf78a496f52daab4c6519922
SHA-256: eabe4a7bf843ca043d30854af5adae7b6bc72ab7e4d75d2bd42c8365b1af4656
tetex-doc-3.0-33.15.el5_8.1.i386.rpm     MD5: 286557ee568eab0ac2fb55366da8cf64
SHA-256: 56e68ee5daf1555e77b5187481d19f7b0d9bd567e1a2c718869a49dcea265c34
tetex-dvips-3.0-33.15.el5_8.1.i386.rpm     MD5: bb0389aa94764c82297e18c8267e7b4b
SHA-256: 115afd455133615e0f64c507a0bfb0e76192bf3859b81aab8bf9843c5a333f93
tetex-fonts-3.0-33.15.el5_8.1.i386.rpm     MD5: 16db00d548678ff9db105a20a72cc72f
SHA-256: f771558fb4d52f4a7e8893a6bd1dd34aa9aa626e259b1781a8594a493b7ed662
tetex-latex-3.0-33.15.el5_8.1.i386.rpm     MD5: 1582014084cf4d4eae77429d8ec90a9d
SHA-256: 75e40814e3a21a67ec9accf123283a71410e97940674a1642d7c3b46fbf68c60
tetex-xdvi-3.0-33.15.el5_8.1.i386.rpm     MD5: b6ef9d698f6bae5890d62727a9d3965b
SHA-256: e21a992a329f10ac7660860cd43e3a222f221ad2162cc5e13a81e82c36dbf247
 
x86_64:
tetex-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 6e88737de02048736aa5cded7f7a5217
SHA-256: b0de7acb743bb0d63a04874bb5874ad218154ba595bf40b0f6db6e6228c0c48e
tetex-afm-3.0-33.15.el5_8.1.x86_64.rpm     MD5: f82347ebbbe0ac0a5920e3aaf01cd562
SHA-256: 95210db50c44a9fef57f1dca598806465db8294cddf4e904bf5782e12ee1b106
tetex-debuginfo-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 52a883a8a84fd3810c78a43075f0cc84
SHA-256: 9a7884acc7ab148bbb223d7f797c646b6353e1c945c8735e2029a603ced68d6c
tetex-doc-3.0-33.15.el5_8.1.x86_64.rpm     MD5: f62747c486ea51a952f741c6bcefa2a6
SHA-256: 5f6c36ec0f5110bdccb805bc2b5222bbdbc09ecc42d6af2fa0a0d6cffd0a2e74
tetex-dvips-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 0e577dafc6beb9be4092c84e0fad1f91
SHA-256: 386f1f8b0d651bccddeb3ebdf45d4b4f4c19f828c2fb86c3c491a9109132b358
tetex-fonts-3.0-33.15.el5_8.1.x86_64.rpm     MD5: a511d2bbc586d8db3e09d086f55aea08
SHA-256: 9e4982c6bc361a355cf9296bb359c79165d96abd03872dc26a0e7cac3b0a26de
tetex-latex-3.0-33.15.el5_8.1.x86_64.rpm     MD5: 10082fb3e0320771e087cefac32d5922
SHA-256: 5702e21408b2308cae52d7b046f57ff7ac6271a23533f824dfd63ee756740483
tetex-xdvi-3.0-33.15.el5_8.1.x86_64.rpm     MD5: a6a9ceca08012bb5596f3396c2e6ecc8
SHA-256: 7587da0c607a49ee896b84a574976bddefa48083fcda150b00dc4cefe18dc29f
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

595245 - CVE-2010-3702 xpdf: uninitialized Gfx::parser pointer dereference
638960 - CVE-2010-3704 xpdf: array indexing error in FoFiType1::parse()
666318 - CVE-2010-2642 evince, t1lib: Heap based buffer overflow in DVI file AFM font parser
679732 - CVE-2011-0433 evince, t1lib: Heap-based buffer overflow DVI file AFM font parser
692853 - CVE-2011-1552 t1lib: invalid read crash via crafted Type 1 font
692854 - CVE-2011-1553 t1lib: Use-after-free via crafted Type 1 font
692856 - CVE-2011-1554 t1lib: Off-by-one via crafted Type 1 font
692909 - CVE-2011-0764 t1lib: Invalid pointer dereference via crafted Type 1 font


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/