--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-028 2006-01-12 --------------------------------------------------------------------- Product : Fedora Core 4 Name : tetex Version : 3.0 Release : 9.FC4 Summary : The TeX text formatting system. Description : TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install tetex if you want to use the TeX text formatting system. If you are installing tetex, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX), and tetex-xdvi (for previewing .dvi files in X). Unless you are an expert at using TeX, you should also install the tetex-doc package, which includes the documentation for TeX. The Red Hat tetex package also contains software related to Japanese support for teTeX such as ptex, what is not a part of teTeX project. --------------------------------------------------------------------- Update Information: Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues. This package also updates bindings in texdoc and causes the local texmf tree to be searched first. --------------------------------------------------------------------- * Wed Jan 11 2006 Jindrich Novy <jnovy@xxxxxxxxxx> 3.0-9.FC4 - apply additional patch to fix xpdf flaws from Ludwig Nussel (CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193) (#177128) - /usr/share/texmf/doc is now owned by tetex package (#177065) - update searching order for kpathsea (local texmf tree is searched first) - don't use obsolete bindings in texdoc * Mon Dec 19 2005 Jindrich Novy <jnovy@xxxxxxxxxx> 3.0-8.FC4 - apply more complete fix for CVE-2005-3193 (#175110) suggested by security response team, taken from xpdf --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ d5803bb897ac8b307e604d9b5ff872c1ff314565 SRPMS/tetex-3.0-9.FC4.src.rpm ff74404da788d6b5677d6edf10745564bafd43da ppc/tetex-3.0-9.FC4.ppc.rpm 1ddbc8cb532cb20d101e490bb881621c994d8851 ppc/tetex-latex-3.0-9.FC4.ppc.rpm c8329a5c0b491f82d37e7b7024b3d4b0cf2553f1 ppc/tetex-xdvi-3.0-9.FC4.ppc.rpm 7387673a1b7a69582e6f0c4b382430f9c71c5eec ppc/tetex-dvips-3.0-9.FC4.ppc.rpm 59b640dee6af739cde5d2f7f8dbebaaabcb4ec28 ppc/tetex-afm-3.0-9.FC4.ppc.rpm 0e4a4804df1cfd756da3be2b93bbdc08548ce3cf ppc/tetex-fonts-3.0-9.FC4.ppc.rpm 846dc3c32e28fc4b1bc703d62f6bf1f1daa26031 ppc/tetex-doc-3.0-9.FC4.ppc.rpm 4d054f78d197154f5de87f7118de6a01dd65230e ppc/debug/tetex-debuginfo-3.0-9.FC4.ppc.rpm aa56a1fce1d8d1b5213a588612bfbea03d2e18d8 x86_64/tetex-3.0-9.FC4.x86_64.rpm ccd10c08e3342efd7e0345e3d6bf030574066262 x86_64/tetex-latex-3.0-9.FC4.x86_64.rpm 2abd94209f969ffad4e152d5fa84d9724495886c x86_64/tetex-xdvi-3.0-9.FC4.x86_64.rpm 4a966b11d187f743445bf0a9193eab5e021bcc7b x86_64/tetex-dvips-3.0-9.FC4.x86_64.rpm 9b0b54e67982188e20dcbafdd1c25cc559306345 x86_64/tetex-afm-3.0-9.FC4.x86_64.rpm 81c804112f3f557950f618a4d7d459f6d3683298 x86_64/tetex-fonts-3.0-9.FC4.x86_64.rpm a3905125347b27476119eb2109f533f868898f00 x86_64/tetex-doc-3.0-9.FC4.x86_64.rpm 8c50c8246b1cd2eb16dc03f9f45ebbcb31470c87 x86_64/debug/tetex-debuginfo-3.0-9.FC4.x86_64.rpm 7afe7adda01e3a4cef49c7ff05975c1a2ebf4d8a i386/tetex-3.0-9.FC4.i386.rpm de7db2f913951772d3ea106472bc390b3bd6a391 i386/tetex-latex-3.0-9.FC4.i386.rpm af8d0c5026e4fbd557cc06024af2952025c8ba5b i386/tetex-xdvi-3.0-9.FC4.i386.rpm 3d7837c759ec17ac25a3ba82cc038eb0eab25558 i386/tetex-dvips-3.0-9.FC4.i386.rpm cb11ce07500fe9f978f8d372358eb4dd664bd03a i386/tetex-afm-3.0-9.FC4.i386.rpm c483b2892a7b02e22ac96c91e39e24f0fb783a26 i386/tetex-fonts-3.0-9.FC4.i386.rpm 31592fdca8509bc0412293b707eaf02485640b8e i386/tetex-doc-3.0-9.FC4.i386.rpm d706dba1b43706096b7dcd29c8ef203d72c48731 i386/debug/tetex-debuginfo-3.0-9.FC4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-announce-list
