[SECURITY] Fedora 7 Update: xpdf-3.02-4.fc7
updates at fedoraproject.org
updates at fedoraproject.org
Fri Nov 9 23:43:53 UTC 2007
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3031
2007-11-09 23:43:48.449840
--------------------------------------------------------------------------------
Name : xpdf
Product : Fedora 7
Version : 3.02
Release : 4.fc7
URL : http://www.foolabs.com/xpdf/
Summary : A PDF file viewer for the X Window System
Description :
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files. Xpdf is a small and efficient program which uses
standard X fonts.
--------------------------------------------------------------------------------
Update Information:
Resolves:
xpdf memory corruption in DCTStream::readProgressiveDataUnit()
xpdf buffer overflow in DCTStream::reset()
xpdf buffer overflow in CCITTFaxStream::lookChar()
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 9 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1:3.02-4
- resolve 372461, 372471, 372481
* Tue Aug 28 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1:3.02-3
- fix PDF printing on x86_64 (bz 253601)
- add mouse buttons 8 and 9 (bz 255401)
- add extra zoom types (bz 251855)
- rebuild for BuildID
* Mon Aug 6 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1:3.02-2
- fix font list parsing to squelch noise (bz 250709)
- cleanup add-to-xpdfrc files, update xpdfrc to include them by default
* Wed Aug 1 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1:3.02-1
- bump to 3.02
- patch in security fix
- add arabic, greek, hebrew, latin2, turkish lang support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #372461 - CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 Multiple xpdf vulnerabilities [f7]
https://bugzilla.redhat.com/show_bug.cgi?id=372461
[ 2 ] CVE-2007-4352
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
[ 3 ] CVE-2007-5392
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
[ 4 ] CVE-2007-5393
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
--------------------------------------------------------------------------------
Updated packages:
cc0e4f10a1739a10b41382a977d88df1ca809f02 xpdf-debuginfo-3.02-4.fc7.ppc64.rpm
f02acca00119622b0f0053498f425a89f5f6d05a xpdf-3.02-4.fc7.ppc64.rpm
e2814acc1aa934fcc54c5f1dd2591df85f150846 xpdf-3.02-4.fc7.i386.rpm
b4ffa0222094639cb3b803cfbf09b39dbc232c27 xpdf-debuginfo-3.02-4.fc7.i386.rpm
9c62db5aeb9c5d7951be4a6d24beeab6efd08d03 xpdf-3.02-4.fc7.x86_64.rpm
937c964cb1d35860893a3cfe86c1731eb55ff6ff xpdf-debuginfo-3.02-4.fc7.x86_64.rpm
fef6a66dc9a26e9d708e72bc70821b63711ee7fa xpdf-3.02-4.fc7.ppc.rpm
d344562cb961adff7941a360738d09142ecc9a65 xpdf-debuginfo-3.02-4.fc7.ppc.rpm
e4793e635b4d05d80740d5955b5dbd81039baeab xpdf-3.02-4.fc7.src.rpm
This update can be installed with the "yum" update program. Use
su -c 'yum update xpdf'
at the command line. For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list