|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2007-0019
Package names: fetchmail, freetype, gd, libpng, python24
Summary: Multiple vulnerabilities
Date: 2007-05-25
Affected versions: Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
Trustix Secure Linux 3.0.5
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
fetchmail
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.
freetype
The FreeType engine is a free and portable TrueType font rendering
engine, developed to provide TrueType support for a variety of
platforms and environments. FreeType is a library which can open
and manages font files as well as efficiently load, hint and render
individual glyphs. FreeType is not a font server or a complete
text-rendering library.
gd
gd is a graphics library. It allows your code to quickly draw images
complete with lines, arcs, text, multiple colors, cut and paste from
other images, and flood fills, and write out the result as a PNG or
JPEG file. This is particularly useful in World Wide Web applications,
where PNG and JPEG are two of the formats accepted for inline images
by most browsers.
libpng
libpng is a library of functions for creating and manipulating PNG
(Portable Network Graphics) image format files.
python24
Python is an interpreted, interactive, object-oriented programming
language often compared to Tcl, Perl, Scheme or Java. Python includes
modules, classes, exceptions, very high level dynamic data types and
dynamic typing. Python supports interfaces to many system calls and
libraries.
Problem description:
fetchmail < TSL 3.0.5 > < TSL 3.0 >
- New upsteam.
- SECURITY Fix: A weakness has been identified which is caused
by an error in the APOP protocol that fails to properly prevent
MD5 collisions, which could be exploited via man-in-the-middle
attacks and specially crafted message-IDs to potentially disclose
the first three characters of passwords.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-1558 to this issue.
freetype < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: Victor Stinner has reported a vulnerability in
FreeType, caused due to an error when parsing malformed TTF
fonts in src/truetype/ttgload.c and may be exploited when
processing a specially crafted TTF font.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2754 to this issue.
gd < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: Xavier Roche has reported a vulnerability in GD
Graphics Library caused due to the incorrect use of libpng within
the function "gdPngReadData()" when processing truncated data.
This can be exploited to cause an infinite loop by e.g. tricking
an application using the library to process a specially crafted file.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2756 to this issue.
libpng < TSL 3.0.5 > < TSL 3.0 >< TSL 2.2 > < TSEL 2>
- SECURITY Fix: A vulnerability has been reported in libpng, caused
due to an error in the "png_handle_tRNS" function in pngrutil.c.
This can be exploited by tricking an application using the library
to process a specially crafted PNG file containing a malformed
tRNS chunk.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2445 to this issue.
python24 < TSL 3.0.5 >
- SECURITY Fix: A vulnerability has been identified, which could
be exploited by attackers to gain knowledge of potentially
sensitive information. This issue is caused by an off-by-one
error in the "PyLocale_strxfrm()" [Modules/_localemodule.c]
function when calculating the "n2" buffer size, which could be
exploited by attackers to disclose and read portions of memory.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2052 to this issue.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from