--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-152868 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152868 2006-04-26 --------------------------------------------------------------------- Name : tetex Versions : rh73: tetex-1.0.7-47.5.legacy Versions : rh9: tetex-1.0.7-66.3.legacy Versions : fc1: tetex-2.0.2-8.2.legacy Versions : fc2: tetex-2.0.2-14FC2.3.legacy Summary : The TeX text formatting system. Description : TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. --------------------------------------------------------------------- Update Information: Updated tetex packages that fix several security issues are now available. TeTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output. A number of integer overflow bugs that affect Xpdf were discovered. The teTeX package contains a copy of the Xpdf code used for parsing PDF files and is therefore affected by these bugs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0888 and CVE-2004-1125 to these issues. Several flaws were discovered in the teTeX PDF parsing library. An attacker could construct a carefully crafted PDF file that could cause teTeX to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627 and CVE-2005-3628 to these issues. Users of teTeX should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues. --------------------------------------------------------------------- Changelogs rh73: * Tue Apr 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.0.7-47.5.legacy - Added tetex tetex-latex and tetex-dvips to BuildPreReq! * Fri Apr 21 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.0.7-47.4.legacy - Added patch to remove expiration check * Wed Apr 19 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.0.7-47.3.legacy - Added missing netpbm-progs, ghostscript, ed and texinfo to BuildPrereq * Fri Mar 17 2006 Donald Maner <donjr@xxxxxxxxx> 1.0.7-47.2.legacy - Patches for CESA-2004-007, CAN-2004-1125, CAN-2004-0888, CVE-2005-3193 rh9: * Tue Apr 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.0.7-66.3.legacy - Added missing tetex, tetex-latex and tetex-dvips to BuildPreReq * Fri Apr 21 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.0.7-66.2.legacy - Added missing ed and texinfo to BuildPrereq * Thu Mar 16 2006 Donald Maner <donjr@xxxxxxxxx> 1.0.7-66.1.legacy - Patches for CESA-2004-007 CAN-2004-0888 CAN-2004-1125 CVE-2005-3193 (#152868) fc1: * Wed Apr 26 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.0.2-8.2.legacy - Added missing ed, texinfo, tetex, tetex-latex and tetex-dvips to BuildPreReq * Thu Mar 16 2006 Donald Maner <donjr@xxxxxxxxx> 2.0.2-8.1.legacy - Patches for CAN-2004-0888, CAN-2004-1125, CAN-2005-0064 and 2005-3193 fc2: * Tue Apr 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.0.2-14FC2.3.legacy - Fixed release tag - Added missing tetex, tetex-latex and tetex-dvips to BuildPreReq * Thu Mar 16 2006 Donald Maner <donjr@xxxxxxxxx> 2.0.2-14.3.legacy - Patch CVE-2005-3193 (#152868) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh73: 80b05b7896c5db589e960da0d73b1cd4ae120cce redhat/7.3/updates-testing/i386/tetex-1.0.7-47.5.legacy.i386.rpm 28c6022b4f6a237d4695d1f268276ec6b18dcf4c redhat/7.3/updates-testing/i386/tetex-afm-1.0.7-47.5.legacy.i386.rpm 017fa321d9834685f04819070d4f5fb799e05d01 redhat/7.3/updates-testing/i386/tetex-doc-1.0.7-47.5.legacy.i386.rpm 3303175840f2fc37c5f3f77e672eeb3fafae718a redhat/7.3/updates-testing/i386/tetex-dvilj-1.0.7-47.5.legacy.i386.rpm fa43c7cbdf02cb7d439c9beeb0e358f8c69a5f22 redhat/7.3/updates-testing/i386/tetex-dvips-1.0.7-47.5.legacy.i386.rpm 1e69a574c3d47cec5b58963387956dfc8337d6ec redhat/7.3/updates-testing/i386/tetex-fonts-1.0.7-47.5.legacy.i386.rpm bb229acb3b38ae16025d56a77c41cab939a512ac redhat/7.3/updates-testing/i386/tetex-latex-1.0.7-47.5.legacy.i386.rpm d21419415faefcb90b688f8d8dc60a57a6374bad redhat/7.3/updates-testing/i386/tetex-xdvi-1.0.7-47.5.legacy.i386.rpm f646b3f3c2ebafa6ae264f20a3f056c778bd84db redhat/7.3/updates-testing/SRPMS/tetex-1.0.7-47.5.legacy.src.rpm rh9: 26f54ca0403372b21e6fd441d9bb64073f23e7de redhat/9/updates-testing/i386/tetex-1.0.7-66.3.legacy.i386.rpm e74de7855d1d07bcef6a713f4a8735e8008f5249 redhat/9/updates-testing/i386/tetex-afm-1.0.7-66.3.legacy.i386.rpm c836a796ad112f79c84c528006a14a3ff1f99a20 redhat/9/updates-testing/i386/tetex-doc-1.0.7-66.3.legacy.i386.rpm 5d60fb658c5581eff85e589b2f71e49b4b7132b0 redhat/9/updates-testing/i386/tetex-dvips-1.0.7-66.3.legacy.i386.rpm 7ea6340fe95a63586bebc82f0869f962a178a8b2 redhat/9/updates-testing/i386/tetex-fonts-1.0.7-66.3.legacy.i386.rpm 62790eea2119387ad7c9ff4dc52aa9f24ae188f3 redhat/9/updates-testing/i386/tetex-latex-1.0.7-66.3.legacy.i386.rpm 55f398c9781e6a75c14becd57930afd91632c8fb redhat/9/updates-testing/i386/tetex-xdvi-1.0.7-66.3.legacy.i386.rpm a696b9b616557bf0d9b8ae7f884e543061e0e110 redhat/9/updates-testing/SRPMS/tetex-1.0.7-66.3.legacy.src.rpm fc1: 5560c992700e00a6f69d9ee7d2835522142fb93b fedora/1/updates-testing/i386/tetex-2.0.2-8.2.legacy.i386.rpm 416e95e8c3241c6fb239ca534dbb5654f5bb4206 fedora/1/updates-testing/i386/tetex-afm-2.0.2-8.2.legacy.i386.rpm 55adc5facf3a5c44cd5eb8b57559b03728fb7a64 fedora/1/updates-testing/i386/tetex-doc-2.0.2-8.2.legacy.i386.rpm e893ad3c1c95abd91830b43fa74138be297da25e fedora/1/updates-testing/i386/tetex-dvips-2.0.2-8.2.legacy.i386.rpm b5b4de3d22bf7696ed5194f68c271d08d912d571 fedora/1/updates-testing/i386/tetex-fonts-2.0.2-8.2.legacy.i386.rpm 57029989a0bba05d33c566bdb0df6ff921f3addd fedora/1/updates-testing/i386/tetex-latex-2.0.2-8.2.legacy.i386.rpm 857555c989ce1db61ddec8a7fdaf30a21bd1a207 fedora/1/updates-testing/i386/tetex-xdvi-2.0.2-8.2.legacy.i386.rpm f4cd83ce6594ce3a2ba6f3371d22b46435be8fbd fedora/1/updates-testing/SRPMS/tetex-2.0.2-8.2.legacy.src.rpm fc2: b02943e6007fc24a8c187d94c1511110d3d6e6e0 fedora/2/updates-testing/i386/tetex-2.0.2-14FC2.3.legacy.i386.rpm 08f84cc10ee1b4ea4a0a28b0d06cba8209c0c5f3 fedora/2/updates-testing/i386/tetex-afm-2.0.2-14FC2.3.legacy.i386.rpm ea6b0ea52e2784a8d4de505e8866b6ca24ff94dd fedora/2/updates-testing/i386/tetex-doc-2.0.2-14FC2.3.legacy.i386.rpm 61298e2841be9ce39260139387502f2caa555653 fedora/2/updates-testing/i386/tetex-dvips-2.0.2-14FC2.3.legacy.i386.rpm 42271d0bf5aab0b7b77c6ccb90723588395e06a2 fedora/2/updates-testing/i386/tetex-fonts-2.0.2-14FC2.3.legacy.i386.rpm 555556960f4e116cc1f92d57d8896284cf125935 fedora/2/updates-testing/i386/tetex-latex-2.0.2-14FC2.3.legacy.i386.rpm 23d0051001771158b6573c846d1e736308cba424 fedora/2/updates-testing/i386/tetex-xdvi-2.0.2-14FC2.3.legacy.i386.rpm c05978c27472e3a8fbfc12896e26d78ae18e065b fedora/2/updates-testing/SRPMS/tetex-2.0.2-14FC2.3.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
