From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-announce+bounces-1805-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id EC816138D0E
	for <garchives@archives.gentoo.org>; Fri, 10 Jul 2015 08:06:38 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 965F4E0886;
	Fri, 10 Jul 2015 08:05:36 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 76929E084E
	for <gentoo-announce@lists.gentoo.org>; Fri, 10 Jul 2015 08:04:51 +0000 (UTC)
Received: from [192.168.1.33] (46-237-8-131.pppoe.yaroslavl.ru [46.237.8.131])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: zlogene)
	by smtp.gentoo.org (Postfix) with ESMTPSA id A9254340821
	for <gentoo-announce@lists.gentoo.org>; Fri, 10 Jul 2015 08:04:49 +0000 (UTC)
Message-ID: <559F7C10.1030203@gentoo.org>
Date: Fri, 10 Jul 2015 11:02:24 +0300
From: Mikle Kolyada <zlogene@gentoo.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
Precedence: bulk
List-Post: <mailto:gentoo-announce@lists.gentoo.org>
List-Help: <mailto:gentoo-announce+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-announce+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-announce+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-announce.gentoo.org>
X-BeenThere: gentoo-announce@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-announce@lists.gentoo.org
Subject: [gentoo-announce] [ GLSA 201507-10 ] t1utils: Arbitrary code execution
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="WVrCrIhAGaKCgb0n2qO7JlSvEHbQIbQk7"
X-Archives-Salt: fce0ad76-b2f0-4be9-8fd4-0c8f8ec79641
X-Archives-Hash: 5a70270ed94bd953ebfc2fcda1acd7bc

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--WVrCrIhAGaKCgb0n2qO7JlSvEHbQIbQk7
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201507-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: t1utils: Arbitrary code execution
     Date: July 10, 2015
     Bugs: #548638
       ID: 201507-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=3D=3D=3D=3D=3D=3D=3D=3D

A buffer overflow in t1utils could result in execution of arbitrary
code or Denial of Service.

Background
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

t1utils is a collection of simple Type 1 font manipulation programs.

Affected packages
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-text/t1utils              < 1.39                     >=3D 1.39=20

Description
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

t1utils has a buffer overflow in the set_cs_start function in
t1disasm.c.

Impact
=3D=3D=3D=3D=3D=3D

A remote attacker could cause a denial of service and possibly execute
arbitrary code via a crafted font file.

Workaround
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

There is no known workaround at this time.

Resolution
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

All t1utils users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=3Dapp-text/t1utils-1.39"

References
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

[ 1 ] CVE-2015-3905
      http://nvd.nist.gov/nvd.cfm?cvename=3DCVE-2015-3905

Availability
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201507-10

Concerns?
=3D=3D=3D=3D=3D=3D=3D=3D=3D

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=3D=3D=3D=3D=3D=3D=3D

Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



--WVrCrIhAGaKCgb0n2qO7JlSvEHbQIbQk7
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iJwEAQECAAYFAlWffBYACgkQG9wOWsQutdZZgAQAikAGv6k6oUbQ0Hl4fpOupeLL
21VdqGvKP808xmY6NzDGnDNhB8WI3TugfcsY+DyOUx3QBZVXEUqm7NaNSr6J2gpe
MTvHeFMXIiC3XcOQPQeEG5FC5GkhxYLemUAGmI7j9potX+F8c+LWUsILVmRnfI57
ZSNSq/UfZRKORPxdOTc=
=QVJk
-----END PGP SIGNATURE-----

--WVrCrIhAGaKCgb0n2qO7JlSvEHbQIbQk7--