-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
                        SUSE Security Announcement

        Package:                xpdf, kdegraphics3-pdf, koffice, libextractor,
                                poppler, gpdf, cups, pdf, pdftohtml
        Announcement ID:        SUSE-SA:2007:060
        Date:                   Wed, 14 Nov 2007 16:00:00 +0000
        Affected Products:      SUSE LINUX 10.0
                                SUSE LINUX 10.1
                                openSUSE 10.2
                                openSUSE 10.3
                                UnitedLinux 1.0
                                SuSE Linux Enterprise Server 8
                                SuSE Linux Openexchange Server 4
                                SuSE Linux Desktop 1.0
                                SuSE Linux Standard Server 8
                                SuSE Linux School Server
                                SUSE LINUX Retail Solution 8
                                SUSE SLES 9
                                SLES SDK 9
                                Novell Linux Desktop 9
                                Open Enterprise Server
                                Novell Linux POS 9
                                SUSE Linux Enterprise Desktop 10 SP1
                                SLE SDK 10 SP1
                                SUSE Linux Enterprise Server 10 SP1
        Vulnerability Type:     remote code execution
        Severity (1-10):        8
        SUSE Default Package:   yes
        Cross-References:       CVE-2007-4352
                                CVE-2007-5392
                                CVE-2007-5393

    Content of This Advisory:
        1) Security Vulnerability Resolved:
             various security vulnerabilities
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            none
        6) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Problem Description and Brief Discussion

   Secunia Research reported three security bugs in xpdf.

   The first problem occurs while indexing an array in
   DCTStream::readProgressiveDataUnit() and is tracked as CVE-2007-4352.
   Another method of the same class, reset(), is vulnerable to an integer
   overflow that leads to an overflow on the heap (CVE-2007-5392). The last
   bug also causes an overflow on the heap, this time in the method
   lookChar() of class CCITTFaxStream (CVE-2007-5393).

   All three bugs can be exploited remotely with a crafted PDF file, with
   user assistance only.

   These bugs affect not only xpdf but also the following packages:
   kdegraphics3-pdf, koffice, libextractor, poppler, gpdf, cups, pdf, pdftohtml
2) Solution or Work-Around
There is no known work-around.
3) Special Instructions and Notes
none
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST
Online Update (YOU) tool. YOU detects which updates are required and
automatically performs the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command

  rpm -Fhv <file.rpm>

to apply the update, replacing <file.rpm> with the filename of the
downloaded RPM package.
Our maintenance customers are notified individually. The packages are
offered for installation from the maintenance web:
UnitedLinux 1.0
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
SuSE Linux Openexchange Server 4
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
Open Enterprise Server
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
Novell Linux POS 9
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
Novell Linux Desktop 9
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
SuSE Linux Enterprise Server 8
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
SuSE Linux Standard Server 8
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
SuSE Linux School Server
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
SUSE LINUX Retail Solution 8
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
SUSE SLES 9
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
SLES SDK 9
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
SUSE Linux Enterprise Server 10 SP1
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
SLE SDK 10 SP1
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
SUSE Linux Enterprise Desktop 10 SP1
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
SuSE Linux Desktop 1.0
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
______________________________________________________________________________
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
Please consult our weekly security summary report.
______________________________________________________________________________
6) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file
and run the command

  gpg --verify <file>

replacing <file> with the name of the file where you saved the
announcement. The output for a valid signature looks like:

  gpg: Signature made <DATE> using RSA key ID 3D25D3D9
  gpg: Good signature from "SuSE Security Team <security@suse.de>"

where <DATE> is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command

  gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
- Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.
There are two verification methods that can be used independently from
each other to prove the authenticity of a downloaded file or RPM package:
1) Using the internal gpg signatures of the rpm package
2) MD5 checksums as provided in this announcement
1) The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command

  rpm -v --checksig <file.rpm>

to verify the signature of the package, replacing <file.rpm> with the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.
2) If you need an alternative means of verification, use the md5sum
command to verify the authenticity of the packages. Execute the command

  md5sum <filename.rpm>

after you have downloaded the file from a SUSE FTP server or its mirrors.
Then compare the resulting md5sum with the one that is listed in the
SUSE security announcement. Because the announcement containing the
checksums is cryptographically signed (by security@suse.de), the
checksums show proof of the authenticity of the package if the
signature of the announcement is valid. Note that the md5 sums
published in the SUSE Security Announcements are valid for the
respective packages only. Newer versions of these packages cannot be
verified.
- SUSE runs two security mailing lists to which any interested party may
subscribe:
opensuse-security@opensuse.org
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
.
opensuse-security-announce@opensuse.org
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
.
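The checksum method from the "Package authenticity verification" item above, chained to the announcement signature check it depends on, as an added example that is not part of the original announcement. The function names and file paths are hypothetical; it assumes the security team's key (ID 3D25D3D9) is already imported and that the announcement was saved with its full checksum list.

```shell
#!/bin/sh
# Added example: trust a downloaded RPM only if (a) the saved announcement
# carries a good signature and (b) the RPM's MD5 sum is listed in it.

# announcement_signed_ok FILE
# Succeeds only if gpg reports a good signature whose key ID ends in the
# short ID named in the advisory. Machine-readable status lines are used
# instead of the human-readable text, which is locale dependent.
announcement_signed_ok() {
    out=$(gpg --status-fd 1 --verify "$1" 2>/dev/null) || return 1
    printf '%s\n' "$out" | grep -Eq '^\[GNUPG:\] GOODSIG [0-9A-F]*3D25D3D9 '
}

# md5_listed ANNOUNCEMENT PACKAGE
# Succeeds if PACKAGE's MD5 sum appears as a whole word in ANNOUNCEMENT.
md5_listed() {
    sum=$(md5sum "$2" 2>/dev/null | cut -d' ' -f1)
    [ -n "$sum" ] || return 1          # unreadable or missing package
    grep -qiw -- "$sum" "$1"
}

# verify_package ANNOUNCEMENT PACKAGE
# Signature first: an unsigned list of checksums proves nothing.
verify_package() {
    announcement_signed_ok "$1" || {
        echo "announcement signature not valid" >&2; return 2; }
    md5_listed "$1" "$2" || {
        echo "checksum of $2 not found in announcement" >&2; return 1; }
    echo "$2: checksum listed in validly signed announcement"
}

# Constructed demo (no real SUSE package or checksum): a stand-in file plays
# the RPM and a two-line text file plays the saved announcement. Only the
# checksum step is exercised, so no key ring is needed.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed package bytes\n' > "$d/pkg.rpm"
    printf 'openSUSE 10.3:\n%s\n' \
        "$(md5sum "$d/pkg.rpm" | cut -d' ' -f1)" > "$d/ann.txt"
    md5_listed "$d/ann.txt" "$d/pkg.rpm" && r1=listed || r1=missing
    printf 'x' >> "$d/pkg.rpm"         # simulate a modified download
    md5_listed "$d/ann.txt" "$d/pkg.rpm" && r2=listed || r2=missing
    rm -rf "$d"
    echo "$r1 $r2"
}
demo
```

MD5 is no longer collision-resistant, so the RPM signature check (method 1) is the stronger of the two methods.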
====================================================================
SUSE's security contact is or .
The public key is listed below.
====================================================================