LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2006-104 (xpdf)



From:
    	      "Than Ngo" <than@redhat.com>


To:
    	      fedora-announce-list@redhat.com


Subject:
    	      [SECURITY] Fedora Core 4 Update: xpdf-3.01-0.FC4.8


Date:
    	      Fri, 10 Feb 2006 10:33:42 -0500


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-104
2006-02-10
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : xpdf
Version     : 3.01                      
Release     : 0.FC4.8                  
Summary     : A PDF file viewer for the X Window System.
Description :
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files. Xpdf is a small and efficient program which uses
standard X fonts.

---------------------------------------------------------------------
Update Information:

xpdf contains a heap based buffer overflow in the splash
rasterizer engine that can crash kpdf or even execute
arbitrary code.

Users impacted by these issues, should update to this new
package release.
---------------------------------------------------------------------
* Tue Feb  7 2006 Than Ngo <than@redhat.com> 1:3.01-0.FC4.8
- apply official patch to fix buffer overflow issue in the xpdf codebase
  when handling splash images CVE-2006-0301 (#179047).
* Fri Jan 27 2006 Than Ngo <than@redhat.com> 1:3.01-0.FC4.7
- apply patch to fix buffer overflow issue in the xpdf codebase
  when handling splash images CVE-2006-0301 (#179047).

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/u...

aea6ed92fb72a3f6674e77f6d973d6227a174385  SRPMS/xpdf-3.01-0.FC4.8.src.rpm
39f47f83421e36ff6b5ab0713ca792555eaac2d3  ppc/xpdf-3.01-0.FC4.8.ppc.rpm
9b557fbbd3a8ae434c2f0ad244fa1bcf7dabe6fa  ppc/debug/xpdf-debuginfo-3.01-0.FC4.8.ppc.rpm
565e4e6eefaad8c740db501fbe87424c21cb32ea  x86_64/xpdf-3.01-0.FC4.8.x86_64.rpm
91fd44a731cd12ff96e76b34381c047465af3983  x86_64/debug/xpdf-debuginfo-3.01-0.FC4.8.x86_64.rpm
4d4190ad7743c84acc0ad2070ae6ece97dab7232  i386/xpdf-3.01-0.FC4.8.i386.rpm
6e39fde98f929e680ee931cc5146a23d6e7e9c67  i386/debug/xpdf-debuginfo-3.01-0.FC4.8.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds