|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2011-0224 (evince)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 13 Update: evince-2.30.3-2.fc13 


Date:
    	      Wed, 12 Jan 2011 05:23:01 +0000


Message-ID:
    	      <20110112052301.CF193110916@bastion02.phx2.fedoraproject.org>


Archive‑link: 
        	Article


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0224
2011-01-07 19:29:25
--------------------------------------------------------------------------------

Name        : evince
Product     : Fedora 13
Version     : 2.30.3
Release     : 2.fc13
URL         : http://projects.gnome.org/evince/
Summary     : Document viewer
Description :
Evince is simple multi-page document viewer. It can display and print
Portable Document Format (PDF), PostScript (PS) and Encapsulated PostScript
(EPS) files. When supported by the document format, evince allows searching
for text, copying text to the clipboard, hypertext navigation,
table-of-contents bookmarks and editing of forms.

 Support for other document formats such as DVI and DJVU can be added by
installing additional backends.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan  6 2011 Marek Kasik <mkasik@redhat.com> - 2.30.3-2
- Fixes CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643
- Resolves: #667573
* Fri Jun 25 2010 Marek Kasik <mkasik@redhat.com> - 2.30.3-1
- Update to 2.30.3
* Tue Jun 22 2010 Marek Kasik <mkasik@redhat.com> - 2.30.2-1
- Update to 2.30.2 (resolves #587495)
- Remove unused patches
* Tue Jun 22 2010 Marek Kasik <mkasik@redhat.com> - 2.30.1-3
- Check whether metadata is NULL before using it
- Resolves: #597777
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666314 - CVE-2010-2641 evince: Array index errror in DVI file VF font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666314
  [ 2 ] Bug #666318 - CVE-2010-2642 evince: Heap based buffer overflow in DVI file AFM font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666318
  [ 3 ] Bug #666313 - CVE-2010-2640 evince: Array index errror in DVI file PK font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666313
  [ 4 ] Bug #666321 - CVE-2010-2643 evince: Integer overflow in DVI file TFM font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666321
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update evince' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds