Yellow Dog Linux Security Announcement
--------------------------------------

Package:      tetex
Issue Date:   October 20, 2002
Priority:     high
Advisory ID:  YDU-20021020-8

1. Topic:

Updated tetex packages are available.

2. Problem:

"dvips contains a vulnerability allowing print users to execute arbitrary commands

The dvips utility converts DVI format into PostScript(TM), and is used in [Yellow Dog] Linux as a print filter for printing DVI files. A vulnerability has been found in dvips which uses the system() function insecurely when managing fonts. Since dvips is used in a print filter, this allows local or remote attackers who have print access to carefully craft a print job that would allow them to execute arbitrary code as the user 'lp'.

A workaround for this vulnerability is to remove the print filter for DVI files. The following commands, run as root, will accomplish this:

    rm -f /usr/share/printconf/mf_rules/mf40-tetex_filters
    rm -f /usr/lib/rhs/rhs-printfilters/dvi-to-ps.fpi

However, to fix the problem in the dvips utility as well as removing the print filter, we recommend that all users upgrade to these errata packages, which contain a patch for this issue.

This vulnerability was discovered by Olaf Kirch of SuSE.

Additionally, the file /var/lib/texmf/ls-R had world-writable permissions. This is also fixed in the packages referenced in this advisory."

(from Red Hat advisory)

3. Solution:

a) Updating via apt...

We suggest that you use the apt-get program to keep your system up-to-date. The following command(s) will retrieve and install the fixed version of this update onto your system:

    apt-get update
    apt-get install tetex

b) Updating manually...

Download the updates below and then run the following rpm command.
(Please use a mirror site)

    rpm -Fvh [filenames]

ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-2.3/

    ppc/tetex-1.0.7-47.1.2.3a.ppc.rpm
    ppc/tetex-afm-1.0.7-47.1.2.3a.ppc.rpm
    ppc/tetex-doc-1.0.7-47.1.2.3a.ppc.rpm
    ppc/tetex-dvilj-1.0.7-47.1.2.3a.ppc.rpm
    ppc/tetex-dvips-1.0.7-47.1.2.3a.ppc.rpm
    ppc/tetex-fonts-1.0.7-47.1.2.3a.ppc.rpm
    ppc/tetex-latex-1.0.7-47.1.2.3a.ppc.rpm
    ppc/tetex-xdvi-1.0.7-47.1.2.3a.ppc.rpm

4. Verification

MD5 checksum                      Package
--------------------------------  ----------------------------
e0d0b260a83993ff2071e3166c962341  ppc/tetex-1.0.7-47.1.2.3a.ppc.rpm
91d9fc2405dd8c8e82518af001986d8c  ppc/tetex-afm-1.0.7-47.1.2.3a.ppc.rpm
78ec3f0f1c63c3ed0ac76508d76d531f  ppc/tetex-doc-1.0.7-47.1.2.3a.ppc.rpm
b2373485d61cf29c666617decc2ae36d  ppc/tetex-dvilj-1.0.7-47.1.2.3a.ppc.rpm
bf4f24b78efb4c541e546607bb466dd6  ppc/tetex-dvips-1.0.7-47.1.2.3a.ppc.rpm
d7d906ba16ce9d4ef4f81dbc24957f29  ppc/tetex-fonts-1.0.7-47.1.2.3a.ppc.rpm
bc51531410813cd7bb1b42b20490d365  ppc/tetex-latex-1.0.7-47.1.2.3a.ppc.rpm
7ebdf6a6a196ae106d7d395b82a06332  ppc/tetex-xdvi-1.0.7-47.1.2.3a.ppc.rpm
5c0b55b6b1550fcb52625c45481d0776  SRPMS/tetex-1.0.7-47.1.2.3a.src.rpm

If you wish to verify that each package has not been corrupted or tampered with, examine the md5sum with the following command:

    rpm --checksig --nogpg filename

5. Misc.

Terra Soft has set up a moderated mailing list where these security, bugfix, and package enhancement announcements will be posted. See http://lists.terrasoftsolutions.com/ for more information.

For information regarding the usage of apt-get, see:
http://www.yellowdoglinux.com/support/solutions/ydl_general/apt-get.shtml
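The advisory leaves three things for an administrator to confirm: that the DVI print-filter files named in the workaround are gone, that /var/lib/texmf/ls-R is no longer world-writable, and that the downloaded packages match the MD5 table in section 4. The script below is an added example, not part of the Yellow Dog advisory or the tetex project; it assumes a Linux host with POSIX sh, find, md5sum and cut, and the DOWNLOAD_DIR variable is an assumed location for the fetched packages. It compares file digests with md5sum against a list in the same "checksum  package" shape as the table; the advisory's `rpm --checksig --nogpg` command checks the digests stored inside each package header and is a separate, complementary step.

```shell
#!/bin/sh
# Added audit helper for the tetex/dvips issue in YDU-20021020-8.
# Example code, not from the Yellow Dog advisory or the tetex project.
# Assumes POSIX sh plus find, md5sum and cut.

# Return 0 if the path is world-writable (the advisory reports that
# /var/lib/texmf/ls-R shipped that way), 1 if not, 2 if it does not exist.
is_world_writable() {
    [ -e "$1" ] || return 2
    [ -n "$(find "$1" -prune -perm -002 -print 2>/dev/null)" ]
}

# Print every argument path that still exists; return 0 if any does.
# Used to confirm the workaround (removing the DVI filter files) was applied.
any_present() {
    status=1
    for f in "$@"; do
        if [ -e "$f" ]; then
            echo "present: $f"
            status=0
        fi
    done
    return $status
}

# Compare files under $1 against the MD5 list in $2 (lines of
# "checksum  package", as in the advisory's verification table).
# Prints one status line per entry; returns 0 only if every entry exists
# and its md5sum matches.
verify_md5_list() {
    dir=$1
    list=$2
    rc=0
    while read -r sum pkg; do
        [ -n "$sum" ] || continue
        f="$dir/$pkg"
        if [ ! -f "$f" ]; then
            echo "MISSING  $pkg"
            rc=1
            continue
        fi
        actual=$(md5sum "$f" | cut -d' ' -f1)
        if [ "$actual" = "$sum" ]; then
            echo "OK       $pkg"
        else
            echo "MISMATCH $pkg (got $actual)"
            rc=1
        fi
    done <<EOF
$list
EOF
    return $rc
}

# Run all three checks against the paths named in the advisory. The MD5
# entries are two rows of the advisory's table; DOWNLOAD_DIR is an assumed
# location for the downloaded ppc/ packages.
audit_host() {
    DOWNLOAD_DIR=${DOWNLOAD_DIR:-/tmp/ydl-updates}
    if is_world_writable /var/lib/texmf/ls-R; then
        echo "WARN: /var/lib/texmf/ls-R is world-writable"
    fi
    if any_present /usr/share/printconf/mf_rules/mf40-tetex_filters \
                   /usr/lib/rhs/rhs-printfilters/dvi-to-ps.fpi; then
        echo "WARN: DVI print filter still installed (workaround not applied)"
    fi
    verify_md5_list "$DOWNLOAD_DIR" "e0d0b260a83993ff2071e3166c962341  ppc/tetex-1.0.7-47.1.2.3a.ppc.rpm
bf4f24b78efb4c541e546607bb466dd6  ppc/tetex-dvips-1.0.7-47.1.2.3a.ppc.rpm"
}

# Usage: sh audit-tetex.sh audit
if [ "${1:-}" = "audit" ]; then
    audit_host
fi
```

Run it as `sh audit-tetex.sh audit` (script name assumed) after downloading the packages into DOWNLOAD_DIR; a non-zero exit from `verify_md5_list` means at least one package is missing or does not match the advisory's table and should not be installed.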