[SECURITY] Fedora Core 2 Update: xpdf-3.00-3.6

Tim Waugh twaugh at redhat.com
Wed Dec 22 20:46:48 UTC 2004


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-572
2004-12-22
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : xpdf
Version     : 3.00                      
Release     : 3.6                  
Summary     : A PDF file viewer for the X Window System.
Description :
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files. Xpdf is a small and efficient program which uses
standard X fonts.

---------------------------------------------------------------------
Update Information:

This package fixes a buffer overflow which allows attackers to cause the
xpdf application to crash, and possibly to execute arbitrary code.  The
Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned
the name CAN-2004-1125 to this issue.

---------------------------------------------------------------------
* Wed Dec 22 2004 Tim Waugh <twaugh at redhat.com> 1:3.00-3.6

- Applied patch to fix CAN-2004-1125 (bug #143500).


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

917422b5087ab12727223d4e570ade55  SRPMS/xpdf-3.00-3.6.src.rpm
293af32ed4f834a436dcdd1ddf7eab1b  x86_64/xpdf-3.00-3.6.x86_64.rpm
ff615294add6b4b8de966ff09168cfd9  x86_64/debug/xpdf-debuginfo-3.00-3.6.x86_64.rpm
2c70874a77f954e1de778457d4889154  i386/xpdf-3.00-3.6.i386.rpm
3222f6518777a6dcef53714a0b050c6d  i386/debug/xpdf-debuginfo-3.00-3.6.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-announce-list/attachments/20041222/068a37db/attachment.sig>


More information about the fedora-announce-list mailing list