--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-585 2005-01-06 --------------------------------------------------------------------- Product : Fedora Core 3 Name : tetex Version : 2.0.2 Release : 21.2 Summary : The TeX text formatting system. Description : TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install tetex if you want to use the TeX text formatting system. If you are installing tetex, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX), and tetex-xdvi (for previewing .dvi files in X). Unless you are an expert at using TeX, you should also install the tetex-doc package, which includes the documentation for TeX. --------------------------------------------------------------------- Update Information: The updated tetex package fixes a buffer overflow which allows attackers to cause the internal xpdf library used by applications in tetex to crash, and possibly to execute arbitrary code. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2004-1125 to this issue. --------------------------------------------------------------------- * Mon Dec 27 2004 Jindrich Novy <jnovy@xxxxxxxxxx> 2.0.2-21.2 - Fix CAN-2004-1125 xpdf overflow * Tue Nov 02 2004 Jindrich Novy <jnovy@xxxxxxxxxx> 2.0.2-21.1 - Add xpdf overflow security patch (CESA-2004-007) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ eeffe10a8d42f6269f2e7a9225b76108 SRPMS/tetex-2.0.2-21.2.src.rpm 2e3fe2e80094656b2a571b424f3bc002 x86_64/tetex-2.0.2-21.2.x86_64.rpm e8fac4727a41f4cd97442e2e84fcc188 x86_64/tetex-latex-2.0.2-21.2.x86_64.rpm 94c4217e1b73293706b45880fbc72e39 x86_64/tetex-xdvi-2.0.2-21.2.x86_64.rpm aef9eb3e2c213e6512b6c63c767893e0 x86_64/tetex-dvips-2.0.2-21.2.x86_64.rpm b978a97c56edd0f8473646553912292f x86_64/tetex-afm-2.0.2-21.2.x86_64.rpm a350d6ebb4130fc67584f9dcb9aa8b34 x86_64/tetex-fonts-2.0.2-21.2.x86_64.rpm a6435f2dadbce2192226bf1d6c751f7b x86_64/tetex-doc-2.0.2-21.2.x86_64.rpm 94442d1626174498758f2f7999c31b1d x86_64/debug/tetex-debuginfo-2.0.2-21.2.x86_64.rpm e47da926c1a225d73724786e1d708989 i386/tetex-2.0.2-21.2.i386.rpm 774fa2bd414a297a92101000d5f3a980 i386/tetex-latex-2.0.2-21.2.i386.rpm 83e020d800b3d6faee79f4955c148083 i386/tetex-xdvi-2.0.2-21.2.i386.rpm c4e3699330d79b05b99ffedb22ee6f2a i386/tetex-dvips-2.0.2-21.2.i386.rpm 50fd2ac5818c548f7749e73b11f86b6b i386/tetex-afm-2.0.2-21.2.i386.rpm 584b54a8d6c2241b49b9b7e38e7c0268 i386/tetex-fonts-2.0.2-21.2.i386.rpm d151205d1990b1a09641e279e7f10aa3 i386/tetex-doc-2.0.2-21.2.i386.rpm 58f207404845c4de68c7ce0658d606e8 i386/debug/tetex-debuginfo-2.0.2-21.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------
