LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for July 2, 2009

RealtimeKit and the audio problem

VFAT patent avoidance and patent workarounds

LWN.net Weekly Edition for June 25, 2009

Apache attacked by a "slow loris"

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2007-3014 (xpdf)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 8 Update: xpdf-3.02-4.fc8


Date:
    	      Fri, 09 Nov 2007 16:41:42 -0700


Message-ID:
    	      <200711092341.lA9NfJ0n011644@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3014
2007-11-09 23:41:37.319303
--------------------------------------------------------------------------------

Name        : xpdf
Product     : Fedora 8
Version     : 3.02
Release     : 4.fc8
URL         : http://www.foolabs.com/xpdf/
Summary     : A PDF file viewer for the X Window System
Description :
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files. Xpdf is a small and efficient program which uses
standard X fonts.

--------------------------------------------------------------------------------
Update Information:

Resolves:
xpdf memory corruption in DCTStream::readProgressiveDataUnit()
xpdf buffer overflow in DCTStream::reset()
xpdf buffer overflow in CCITTFaxStream::lookChar()
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov  9 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1:3.02-4
- resolve 372461, 372471, 372481
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #372471 - CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 Multiple xpdf vulnerabilities [f8]
        https://bugzilla.redhat.com/show_bug.cgi?id=372471
  [ 2 ] CVE-2007-4352
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
  [ 3 ] CVE-2007-5392
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
  [ 4 ] CVE-2007-5393
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
--------------------------------------------------------------------------------
Updated packages:

ff68b94139fbaa10d8c4cc31fd237bd6f82780ca xpdf-3.02-4.fc8.ppc64.rpm
b7160ed1a321338e53322755892d9986491c2eeb xpdf-debuginfo-3.02-4.fc8.ppc64.rpm
71271def0a915869659bbdc2774e1ea9e418bffa xpdf-3.02-4.fc8.i386.rpm
fec5aeca869105175bc1bc89daf4bdceb253a7f1 xpdf-debuginfo-3.02-4.fc8.i386.rpm
914dcb09f480212da136d817aed3e8fdea875990 xpdf-debuginfo-3.02-4.fc8.x86_64.rpm
db7f474c2780b53e5ce969bd1436d4f323bf89a8 xpdf-3.02-4.fc8.x86_64.rpm
85dfdfdba02c999ca0405c4260620b866fdffa08 xpdf-debuginfo-3.02-4.fc8.ppc.rpm
f4636894dec972d4cb12ab7ee5ac101ca5dcf5b1 xpdf-3.02-4.fc8.ppc.rpm
cad54df0ef2c8c9d594e32263742adef4fcde562 xpdf-3.02-4.fc8.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update xpdf' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds