[SECURITY] Fedora Core 4 Update: poppler-0.4.5-1.1

Kristian Kristensen krh at redhat.com
Fri Feb 10 15:33:25 UTC 2006


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-103
2006-02-10
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : poppler
Version     : 0.4.5                      
Release     : 1.1                  
Summary     : PDF rendering library
Description :
Poppler, a PDF rendering library, it's a fork of the xpdf PDF
viewer developed by Derek Noonburg of Glyph and Cog, LLC.

---------------------------------------------------------------------
Update Information:

Heap-based buffer overflow in Splash.cc in poppler, allows
attackers to cause a denial of service and possibly execute
arbitrary code via crafted splash images that produce
certain values that exceed the width or height of the
associated bitmap.

---------------------------------------------------------------------
* Thu Feb  9 2006 Kristian Høgsberg <krh at redhat.com> 0.4.5-1.1
- Security release: CVE-2006-0301.

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

a6389ee0a029cd9d00554e895379b58141be1e9d  SRPMS/poppler-0.4.5-1.1.src.rpm
55b7d8faeda8942de95da47256dd63324826ab0d  ppc/poppler-0.4.5-1.1.ppc.rpm
4e2cf64d7b1cf1f6dcd2f4d4dec6abfe37032cbf  ppc/poppler-devel-0.4.5-1.1.ppc.rpm
b04be63e76106bb65bb7e9e1a99c74a8e973514d  ppc/debug/poppler-debuginfo-0.4.5-1.1.ppc.rpm
249b969c8751b1a53722e8264d2f3fc8fc5e9979  x86_64/poppler-0.4.5-1.1.x86_64.rpm
f5e61e706c434ad24bd6cece6affa754361d80cd  x86_64/poppler-devel-0.4.5-1.1.x86_64.rpm
cfb05d07796ee23f56ed3aa19111f875d54e4b7f  x86_64/debug/poppler-debuginfo-0.4.5-1.1.x86_64.rpm
8dc27611a2cde6baeb0d6212a88e7ad6d8035808  i386/poppler-0.4.5-1.1.i386.rpm
73f916b518fa1e32a1ecba95cf9cc36a6e2bc49a  i386/poppler-devel-0.4.5-1.1.i386.rpm
7026c75efdce668f7e35bc2332f5d516496aef1f  i386/debug/poppler-debuginfo-0.4.5-1.1.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------




More information about the fedora-announce-list mailing list