[SECURITY] Fedora Core 4 Update: tetex-3.0-7.FC4

Jindrich Novy jnovy at redhat.com
Wed Dec 7 15:48:16 UTC 2005

Fedora Update Notification

Product     : Fedora Core 4
Name        : tetex
Version     : 3.0                      
Release     : 7.FC4                  
Summary     : The TeX text formatting system.
Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting
package like LaTeX or PlainTeX, since TeX by itself is not very

Install tetex if you want to use the TeX text formatting system. If
you are installing tetex, you will also need to install tetex-afm (a
PostScript(TM) font converter for TeX),
tetex-dvips (for converting .dvi files to PostScript format
for printing on PostScript printers), tetex-latex (a higher level
formatting package which provides an easier-to-use interface for TeX),
and tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.

The Red Hat tetex package also contains software related to Japanese
support for teTeX such as ptex, what is not a part of teTeX project.

Update Information:

Several flaws were discovered in Xpdf. An attacker could
construct a carefully crafted PDF file that could cause Xpdf
to crash or possibly execute arbitrary code when opened. The
teTeX package contains a copy of the Xpdf code used for
parsing PDF files and is therefore affected by this bug.The
Common Vulnerabilities and Exposures project assigned the
name CAN-2005-3193 to these issues.

Users of teTeX should upgrade to this updated package, which
contains a patch to resolve these issues.
* Wed Dec  7 2005 Jindrich Novy <jnovy at redhat.com> 3.0-7.FC4
- apply patch from Derek Noonburg to fix CVE-2005-3193 xpdf overflows (#175110)

This update can be downloaded from:

c9c2edbfb432eab99adeb8d12eb0e428  SRPMS/tetex-3.0-7.FC4.src.rpm
89c83c91630e195891736ae8410308ef  ppc/tetex-3.0-7.FC4.ppc.rpm
9f12ecf3e09412eb968d686c89500367  ppc/tetex-latex-3.0-7.FC4.ppc.rpm
aac1f6547f024e7ccc35a1d917ea0956  ppc/tetex-xdvi-3.0-7.FC4.ppc.rpm
4ce4d696e627851dd50046f55ac4bde0  ppc/tetex-dvips-3.0-7.FC4.ppc.rpm
c82cdf20e3decb6691d91a12b15f589b  ppc/tetex-afm-3.0-7.FC4.ppc.rpm
cf4c487e1edec55ba2c16af7ac5e1630  ppc/tetex-fonts-3.0-7.FC4.ppc.rpm
90a82c0d8708f7a7bb84a74c709a30c6  ppc/tetex-doc-3.0-7.FC4.ppc.rpm
88fecde9225ee34fe960940a654dd0f5  ppc/debug/tetex-debuginfo-3.0-7.FC4.ppc.rpm
4038c55cb0e62b16fca09333914b16ea  x86_64/tetex-3.0-7.FC4.x86_64.rpm
4197a02a32c6b0be00a1c8b1115a8eb3  x86_64/tetex-latex-3.0-7.FC4.x86_64.rpm
04bdd2b1b9cc705a5ababff06cc7dbfa  x86_64/tetex-xdvi-3.0-7.FC4.x86_64.rpm
29aa8350a9a8f7e09846b710f5cb4634  x86_64/tetex-dvips-3.0-7.FC4.x86_64.rpm
f865247d37aa5679a06e7becae57de8d  x86_64/tetex-afm-3.0-7.FC4.x86_64.rpm
1872fb9c98352a3d0147221d2a7c3c39  x86_64/tetex-fonts-3.0-7.FC4.x86_64.rpm
0f77f10463678ad413ca7aaa0c8760aa  x86_64/tetex-doc-3.0-7.FC4.x86_64.rpm
cf6a68c0041f1c0b482905a816f0c64c  x86_64/debug/tetex-debuginfo-3.0-7.FC4.x86_64.rpm
49ac41b0799982af0c467191bf49b51a  i386/tetex-3.0-7.FC4.i386.rpm
a0dada19f3c39db557d0cecc194d3f4f  i386/tetex-latex-3.0-7.FC4.i386.rpm
ebd5dbed238fb43233f9cfaf9111a51b  i386/tetex-xdvi-3.0-7.FC4.i386.rpm
53d0709df7a1105c6643d65e88a7b0b1  i386/tetex-dvips-3.0-7.FC4.i386.rpm
5bab1dd4df5f3b57915a777c6fdeb053  i386/tetex-afm-3.0-7.FC4.i386.rpm
c85b4d01615ebd460e7f26345b560765  i386/tetex-fonts-3.0-7.FC4.i386.rpm
10e26b6f01f39716986b6581504ccfda  i386/tetex-doc-3.0-7.FC4.i386.rpm
38772851a0226358d85ab8a5db3ab78d  i386/debug/tetex-debuginfo-3.0-7.FC4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

More information about the fedora-announce-list mailing list