MDKSA-2006:212

Package name

doxygen

Date

2006-11-16

Advisory ID

MDKSA-2006:212

Affected versions

CS4.0 x86_64 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2006.0 x86_64

Problem description

Doxygen is a documentation system for C, C++ and IDL. It is built with
a private copy of libpng, and as such could be susceptible to some of
the same vulnerabilities:

Buffer overflow in the png_decompress_chunk function in pngrutil.c in
libpng before 1.2.12 allows context-dependent attackers to cause a
denial of service and possibly execute arbitrary code via unspecified
vectors related to "chunk error processing," possibly involving the
"chunk_name". (CVE-2006-3334)

It is questionable whether this issue is actually exploitable, but the
patch to correct the issue has been included in versions < 1.2.12.

Tavis Ormandy, of the Gentoo Linux Security Auditing Team, discovered a
typo in png_set_sPLT() that may cause an application using libpng to
read out of bounds, resulting in a crash. (CVE-2006-5793)

In addition, an patch to address several old vulnerabilities has been
applied to this build. (CAN-2002-1363, CAN-2004-0421, CAN-2004-0597,
CAN-2004-0598, CAN-2004-0599)

Packages have been patched to correct these issues.

Updated packages

CS4.0 x86_64

 0568b10460c651f18fd3e2a8e76b4300  corporate/4.0/x86_64/doxygen-1.4.4-1.1.20060mlcs4.x86_64.rpm 
 8223a356c6cf8a790dd20b3d70533f19  corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm

2006.0 i586

 f85fd4b73ca06136e4346df073851e5f  2006.0/i586/doxygen-1.4.4-1.1.20060mdk.i586.rpm 
 0842c1496bbb02b79d5cef3386b19380  2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm

2007.0 x86_64

 7fca6ebbe6f07e51de7fd771678277b4  2007.0/x86_64/doxygen-1.4.7-1.1mdv2007.0.x86_64.rpm 
 f673aab0185f79a8aa048f69b06807bf  2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm

2007.0 i586

 9d0af28627560057e6c80e64bbacf030  2007.0/i586/doxygen-1.4.7-1.1mdv2007.0.i586.rpm 
 f673aab0185f79a8aa048f69b06807bf  2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm

CS3.0 x86_64

 d988dc94c39515b3855116709bcc84de  corporate/3.0/x86_64/doxygen-1.3.5-2.1.C30mdk.x86_64.rpm 
 9e84b6e12b77f43d123888b7ae05e5f4  corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm

CS4.0 i586

 a3b4702c81d1739249d59782efb316dc  corporate/4.0/i586/doxygen-1.4.4-1.1.20060mlcs4.i586.rpm 
 8223a356c6cf8a790dd20b3d70533f19  corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm

CS3.0 i586

 9452cede2d92671808eebe1adfc395ef  corporate/3.0/i586/doxygen-1.3.5-2.1.C30mdk.i586.rpm 
 9e84b6e12b77f43d123888b7ae05e5f4  corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm

2006.0 x86_64

 fc3e569bd8ad2aa9aea76a6f4246cfec  2006.0/x86_64/doxygen-1.4.4-1.1.20060mdk.x86_64.rpm 
 0842c1496bbb02b79d5cef3386b19380  2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1363
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793