-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2009-10
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 01 Apr 2009
 Last revised: 01 Apr 2009

 Package: AdobeReader

 Summary: Buffer overflow

 More information:
    Adobe Reader can read documents in PDF format. Adobe Reader also
    allows you to search within PDF files, search for PDF files
    on the internet and participate in collaborative document reviews.

    Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and
    earlier, allows remote attackers to execute arbitrary code via a crafted PDF document,
    related to a non-JavaScript function call and possibly an embedded JBIG2 image stream,
    as exploited in the wild in February 2009 by Trojan.Pidief.E. (CVE-2009-0658)

 Impact:
    Please refer to the "References" section.

 Affected Products:
    - Turbolinux Client 2008

 <Turbolinux Client 2008>

   Binary Packages
   Size: MD5

   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-updates/AdobeReader-8.1.4-1TL1.i586.rpm
     46922949 8af028c24367b03f350c32b163f172b9
   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-updates/AdobeReader-Help-8.1.4-1TL1.i586.rpm
      1232124 626f7d3172526c45eaf9a023e3b2e71e
   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-updates/AdobeReader-Help-chs-8.1.4-1TL1.i586.rpm
      1189350 abb74b64c6afc022f3d0650cfc4cf791
   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-updates/AdobeReader-Help-jpn-8.1.4-1TL1.i586.rpm
      1146031 b80966ffe9a9bc07f29be3b65f1016f1
   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-updates/AdobeReader-chs-8.1.4-1TL1.i586.rpm
     13869691 798c99af18d6a3d9ad82202c5c12b371
   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-updates/AdobeReader-jpn-8.1.4-1TL1.i586.rpm
     12723160 be3f21b95b308946ef05fd32ef54eabe


 References:

 Adobe Security Advisories
   [APSA09-01]
   http://www.adobe.com/support/security/advisories/apsa09-01.html
   http://www.adobe.com/jp/support/security/advisories/apsa09-01.html

 CVE
   [CVE-2009-0658]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0658

 --------------------------------------------------------------------------
 Revision History
    01 Apr 2009 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2009 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAknTCiYACgkQK0LzjOqIJMyh8ACbBcsfAsl7PHj2EcLysyf5MxCO
IEcAoLAZC5PHN7Q2hxghCnaG3XfeceBp
=XCcT
-----END PGP SIGNATURE-----