[OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)

[OpenPKG <openpkg () openpkg org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                            The OpenPKG Project
http://www.openpkg.org/security.html              http://www.openpkg.org
openpkg-security () openpkg org                         openpkg () openpkg org
OpenPKG-SA-2002.015                                          16-Dec-2002
________________________________________________________________________

Package:             tetex
Vulnerability:       remote command execution
OpenPKG Specific:    no

Dependent Packages:  none

Affected Releases:   Affected Packages:       Corrected Packages:
OpenPKG 1.0          <= tetex-1.0.7-1.0.0     >= tetex-1.0.7-1.0.1
OpenPKG 1.1          <= tetex-1.0.7-1.1.0     >= tetex-1.0.7-1.1.1
OpenPKG CURRENT      <= tetex-1.0.7-20021204  >= tetex-1.0.7-20021216

Description:
  A vulnerability [1] in the kpathsea(3) library of teTeX was
  discovered. This library is used by xdvi(1) and dvips(1). Both
  programs call the system(3) function insecurely, which allows a remote
  attacker to execute arbitrary commands via cleverly crafted DVI files.
  If dvips(1) is used in a print filter, this allows a local or remote
  attacker with print permission execute arbitrary code as the printing
  system user.

  Check whether you are affected by running "<prefix>/bin/rpm -q tetex".
  If you have an affected version of the samba package (see above),
  please upgrade it according to the solution below.

Solution:
  Update existing packages to newly patched versions of teTeX. Select the
  updated source RPM appropriate for your OpenPKG release [2][3][4], and
  fetch it from the OpenPKG FTP service or a mirror location. Verify its
  integrity [5], build a corresponding binary RPM from it and update your
  OpenPKG installation by applying the binary RPM [6]. For the latest
  OpenPKG 1.1 release, perform the following operations to permanently fix
  the security problem (for other releases adjust accordingly).

  $ ftp ftp.openpkg.org
  ftp> bin
  ftp> cd release/1.1/UPD
  ftp> get tetex-1.0.7-1.1.1.src.rpm
  ftp> bye
  $ <prefix>/bin/rpm -v --checksig tetex-1.0.7-1.1.1.src.rpm
  $ <prefix>/bin/rpm --rebuild tetex-1.0.7-1.1.1.src.rpm
  $ su -
  # <prefix>/bin/rpm -Fvh <prefix>/RPM/PKG/tetex-1.0.7-1.1.1.*.rpm
________________________________________________________________________

References:
  [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0836
  [2] ftp://ftp.openpkg.org/release/1.0/UPD/
  [3] ftp://ftp.openpkg.org/release/1.1/UPD/
  [4] ftp://ftp.openpkg.org/current/SRC/
  [5] http://www.openpkg.org/security.html#signature
  [6] http://www.openpkg.org/tutorial.html#regular-source
________________________________________________________________________

For security reasons, this advisory was digitally signed with
the OpenPGP public key "OpenPKG <openpkg () openpkg org>" (ID 63C4CB9F)
of the OpenPKG project which you can find under the official URL
http://www.openpkg.org/openpkg.pgp or on http://keyserver.pgp.com/. To
check the integrity of this advisory, verify its digital signature by
using GnuPG (http://www.gnupg.org/). For example, pipe this message to
the command "gpg --verify --keyserver keyserver.pgp.com".
________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg () openpkg org>

iEYEARECAAYFAj3+AOwACgkQgHWT4GPEy59EaQCg3nIl3ru+vU27i/Wcqm+cUH5N
/tAAn0QY3lN4bmUtNXIwMGsGitW2LMsz
=6F8t
-----END PGP SIGNATURE-----