Fedora Legacy Test Update Notification: xpdf
Marc Deslauriers
marcdeslauriers at videotron.ca
Thu Dec 2 04:22:32 UTC 2004
---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2004-2186
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=2186
2004-12-01
---------------------------------------------------------------------
Name : xpdf
Versions : rh7.3: xpdf-1.00-7.2.legacy
Versions : rh9: xpdf-2.01-11.1.legacy
Versions : fc1: xpdf-2.03-1.1.legacy
Summary : A PDF file viewer for the X Window System.
Description :
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files. Xpdf is a small and efficient program which uses
standard X fonts.
---------------------------------------------------------------------
Update Information:
Updated xpdf packages that fixes a number of integer overflow security
flaws are now available.
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files.
During a source code audit, Chris Evans and others discovered a number
of integer overflow bugs that affected all versions of xpdf. An attacker
could construct a carefully crafted PDF file that could cause xpdf to
crash or possibly execute arbitrary code when opened. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-0888 to this issue.
Users of xpdf are advised to upgrade to these errata packages, which
contains a backported patch correcting these issues.
---------------------------------------------------------------------
Changelogs
rh73:
* Wed Dec 01 2004 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.00-7.2.legacy
- added missing XFree86-devel BuildPrereq
* Thu Oct 28 2004 Rob Myers <rob.myers at gtri.gatech.edu> 1.00-7.1.legacy
- patch for CAN-2004-0888 CAN-2004-0889 (FL #2186)
rh9:
* Thu Oct 28 2004 Rob Myers <rob.myers at gtri.gatech.edu> 2.01-11.1.legacy
- patch for CAN-2004-0888 CAN-2004-0889 (FL #2186)
- added simple non-security patch for xfont fix
fc1:
* Thu Oct 21 2004 Rob Myers <rob.myers at gtri.gatech.edu>
1:2.03-1.1.legacy
- patch for CAN-2004-0888 CAN-2004-0889 (FL #2186)
- include simple non-security xfont patch
- fix files listed twice for /usr/share/xpdf/locales
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedoralegacy.org/
(sha1sums)
rh7.3:
017fba06b9ba578aad48f07ec3c2e6f0f954d781
redhat/7.3/updates-testing/i386/xpdf-1.00-7.2.legacy.i386.rpm
ca69e26855214a8225011abb45d03d6452eccc23
redhat/7.3/updates-testing/i386/xpdf-chinese-
simplified-1.00-7.2.legacy.i386.rpm
aeea1b0952067c77867f2f92bec12af9bd725bc8
redhat/7.3/updates-testing/i386/xpdf-chinese-
traditional-1.00-7.2.legacy.i386.rpm
925f505d03d6a1ddced3f8f6579cc6e449f74465
redhat/7.3/updates-testing/i386/xpdf-japanese-1.00-7.2.legacy.i386.rpm
2ab1b844fee2c44f3c4df97661cc301a637b4999
redhat/7.3/updates-testing/i386/xpdf-korean-1.00-7.2.legacy.i386.rpm
3d2cf5b7973d8e56ecf1d98322e8918a1de463b9
redhat/7.3/updates-testing/SRPMS/xpdf-1.00-7.2.legacy.src.rpm
rh9:
cb457f94ba08d7c8a8750b41596959a6e8e4df01
redhat/9/updates-testing/i386/xpdf-2.01-11.1.legacy.i386.rpm
961cb6ce2a6a9c6eee52eb5cd563e4c13df07c4e
redhat/9/updates-testing/i386/xpdf-chinese-
simplified-2.01-11.1.legacy.i386.rpm
4f00f288a9ba3c46f7eacbdf026164851b19f5fe
redhat/9/updates-testing/i386/xpdf-chinese-
traditional-2.01-11.1.legacy.i386.rpm
f5629299b07143ef56a9a5d9d03d7909e2bdf226
redhat/9/updates-testing/i386/xpdf-japanese-2.01-11.1.legacy.i386.rpm
229668282ccb0173f8e53cee27a4125d9e69ff8a
redhat/9/updates-testing/i386/xpdf-korean-2.01-11.1.legacy.i386.rpm
bbec9b7dd219aaddd505b1807f22728211f2786a
redhat/9/updates-testing/SRPMS/xpdf-2.01-11.1.legacy.src.rpm
fc1:
119e2f11d6037391a9f687c35795afbb563f7b68
fedora/1/updates-testing/i386/xpdf-2.03-1.1.legacy.i386.rpm
4dee0440c3e091eb75777ef3744e3e9158277b3a
fedora/1/updates-testing/SRPMS/xpdf-2.03-1.1.legacy.src.rpm
---------------------------------------------------------------------
Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20041201/7d81442b/attachment.sig>
More information about the fedora-legacy-list
mailing list