Fedora Legacy Test Update Notification: gpdf

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2006-176751
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176751
2006-02-20
---------------------------------------------------------------------

Name        : gpdf
Versions    : fc1: gpdf-0.110-1.5.legacy
Versions    : fc2: gpdf-2.8.2-4.1.1.legacy
Versions    : fc3: gpdf-2.8.2-7.2.1.legacy
Summary     : viewer for Portable Document Format (PDF) files for GNOME
Description :
This is GPdf, a viewer for Portable Document Format (PDF) files for
GNOME. GPdf is based on the Xpdf program and uses additional GNOME
libraries for better desktop integration.

---------------------------------------------------------------------
Update Information:

An updated gpdf package that fixes several security issues is now
available.

The gpdf package is a GNOME based viewer for Portable Document Format
(PDF) files.

A flaw was discovered in gpdf. An attacker could construct a carefully
crafted PDF file that would cause gpdf to consume all available disk
space in /tmp when opened. The Common Vulnerabilities and Exposures
project assigned the name CVE-2005-2097 to this issue.

Several flaws were discovered in gpdf. An attacker could construct a
carefully crafted PDF file that could cause gpdf to crash or possibly
execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project assigned the names CVE-2005-3191, CVE-2005-3192,
CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626,
CVE-2005-3627 and CVE-2005-3628 to these issues.

Users of gpdf should upgrade to this updated package, which contains
backported patches to resolve these issues.

---------------------------------------------------------------------
Changelogs

fc1:
* Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
0.110-1.5.legacy
- Use better patch for CVE-2004-0888 (from RHEL3 xpdf)
- Add patch for CVE-2005-3193

fc2:
* Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
2.8.2-4.1.1.legacy
- Rebuilt as Fedora Legacy security update for Fedora Core 2
- Removed the desktop-file-utils dependencies

* Fri Jan 06 2006 Ray Strode <rstrode@xxxxxxxxxx> 2.8.2-7.4
- Apply fix for CVE-2005-3624 (also covers CVE-2005-3193) (bug 176865)

* Wed Dec 14 2005 Ray Strode <rstrode@xxxxxxxxxx> 2.8.2-7.3
- apply updated patch for CVE-2005-3193 (bug 175102)

fc3:
* Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
2.8.2-7.2.1.legacy
- Rebuilt as Fedora Legacy security update for Fedora Core 3

* Fri Jan 06 2006 Ray Strode <rstrode@xxxxxxxxxx> 2.8.2-7.4
- Apply fix for CVE-2005-3624 (also covers CVE-2005-3193) (bug 176865)

* Wed Dec 14 2005 Ray Strode <rstrode@xxxxxxxxxx> 2.8.2-7.3
- apply updated patch for CVE-2005-3193 (bug 175102)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

fc1:
646edd9bdaf07a2f74d0b9874a666f94dc4f7982
fedora/1/updates-testing/i386/gpdf-0.110-1.5.legacy.i386.rpm
23f1172453f4e6572bd5a5bebcf093fda9c9ef62
fedora/1/updates-testing/SRPMS/gpdf-0.110-1.5.legacy.src.rpm

fc2:
2798a8e5ba37214b4ad3d537aa38b65c62c9e7c7
fedora/2/updates-testing/i386/gpdf-2.8.2-4.1.1.legacy.i386.rpm
e6d36329145bd25d5646da0064124f4b3a3faf99
fedora/2/updates-testing/SRPMS/gpdf-2.8.2-4.1.1.legacy.src.rpm

fc3:
b732b32164a34ddca2471548cffdb4fa654a61cd
fedora/3/updates-testing/i386/gpdf-2.8.2-7.2.1.legacy.i386.rpm
3ec3762affc6295144245af9e804692e293614be
fedora/3/updates-testing/SRPMS/gpdf-2.8.2-7.2.1.legacy.src.rpm
e6c957006f2bc7c17c5754df527cd8eec86d0c9a
fedora/3/updates-testing/x86_64/gpdf-2.8.2-7.2.1.legacy.x86_64.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.

Attachment: signature.asc
Description: OpenPGP digital signature

--

fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list

[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux