| ||||||||||||||||
|
| ||||||||||||||||
Fedora alert FEDORA-2007-3031 (xpdf)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-3031 2007-11-09 23:43:48.449840 -------------------------------------------------------------------------------- Name : xpdf Product : Fedora 7 Version : 3.02 Release : 4.fc7 URL : http://www.foolabs.com/xpdf/ Summary : A PDF file viewer for the X Window System Description : Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Xpdf is a small and efficient program which uses standard X fonts. -------------------------------------------------------------------------------- Update Information: Resolves: xpdf memory corruption in DCTStream::readProgressiveDataUnit() xpdf buffer overflow in DCTStream::reset() xpdf buffer overflow in CCITTFaxStream::lookChar() -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 9 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1:3.02-4 - resolve 372461, 372471, 372481 * Tue Aug 28 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1:3.02-3 - fix PDF printing on x86_64 (bz 253601) - add mouse buttons 8 and 9 (bz 255401) - add extra zoom types (bz 251855) - rebuild for BuildID * Mon Aug 6 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1:3.02-2 - fix font list parsing to squelch noise (bz 250709) - cleanup add-to-xpdfrc files, update xpdfrc to include them by default * Wed Aug 1 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1:3.02-1 - bump to 3.02 - patch in security fix - add arabic, greek, hebrew, latin2, turkish lang support -------------------------------------------------------------------------------- References: [ 1 ] Bug #372461 - CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 Multiple xpdf vulnerabilities [f7] https://bugzilla.redhat.com/show_bug.cgi?id=372461 [ 2 ] CVE-2007-4352 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200... [ 3 ] CVE-2007-5392 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200... [ 4 ] CVE-2007-5393 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200... -------------------------------------------------------------------------------- Updated packages: cc0e4f10a1739a10b41382a977d88df1ca809f02 xpdf-debuginfo-3.02-4.fc7.ppc64.rpm f02acca00119622b0f0053498f425a89f5f6d05a xpdf-3.02-4.fc7.ppc64.rpm e2814acc1aa934fcc54c5f1dd2591df85f150846 xpdf-3.02-4.fc7.i386.rpm b4ffa0222094639cb3b803cfbf09b39dbc232c27 xpdf-debuginfo-3.02-4.fc7.i386.rpm 9c62db5aeb9c5d7951be4a6d24beeab6efd08d03 xpdf-3.02-4.fc7.x86_64.rpm 937c964cb1d35860893a3cfe86c1731eb55ff6ff xpdf-debuginfo-3.02-4.fc7.x86_64.rpm fef6a66dc9a26e9d708e72bc70821b63711ee7fa xpdf-3.02-4.fc7.ppc.rpm d344562cb961adff7941a360738d09142ecc9a65 xpdf-debuginfo-3.02-4.fc7.ppc.rpm e4793e635b4d05d80740d5955b5dbd81039baeab xpdf-3.02-4.fc7.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update xpdf' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann... (Log in to post comments)
|
|
|||||||||||||||