[SECURITY] Fedora Core 4 Update: tetex-3.0-7.FC4

Jindrich Novy jnovy at redhat.com
Wed Dec 7 15:48:16 UTC 2005


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1126
2005-12-07
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : tetex
Version     : 3.0                      
Release     : 7.FC4                  
Summary     : The TeX text formatting system.
Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting
package like LaTeX or PlainTeX, since TeX by itself is not very
user-friendly.

Install tetex if you want to use the TeX text formatting system. If
you are installing tetex, you will also need to install tetex-afm (a
PostScript(TM) font converter for TeX),
tetex-dvips (for converting .dvi files to PostScript format
for printing on PostScript printers), tetex-latex (a higher level
formatting package which provides an easier-to-use interface for TeX),
and tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.


The Red Hat tetex package also contains software related to Japanese
support for teTeX such as ptex, what is not a part of teTeX project.

---------------------------------------------------------------------
Update Information:

Several flaws were discovered in Xpdf. An attacker could
construct a carefully crafted PDF file that could cause Xpdf
to crash or possibly execute arbitrary code when opened. The
teTeX package contains a copy of the Xpdf code used for
parsing PDF files and is therefore affected by this bug.The
Common Vulnerabilities and Exposures project assigned the
name CAN-2005-3193 to these issues.

Users of teTeX should upgrade to this updated package, which
contains a patch to resolve these issues.
---------------------------------------------------------------------
* Wed Dec  7 2005 Jindrich Novy <jnovy at redhat.com> 3.0-7.FC4
- apply patch from Derek Noonburg to fix CVE-2005-3193 xpdf overflows (#175110)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

c9c2edbfb432eab99adeb8d12eb0e428  SRPMS/tetex-3.0-7.FC4.src.rpm
89c83c91630e195891736ae8410308ef  ppc/tetex-3.0-7.FC4.ppc.rpm
9f12ecf3e09412eb968d686c89500367  ppc/tetex-latex-3.0-7.FC4.ppc.rpm
aac1f6547f024e7ccc35a1d917ea0956  ppc/tetex-xdvi-3.0-7.FC4.ppc.rpm
4ce4d696e627851dd50046f55ac4bde0  ppc/tetex-dvips-3.0-7.FC4.ppc.rpm
c82cdf20e3decb6691d91a12b15f589b  ppc/tetex-afm-3.0-7.FC4.ppc.rpm
cf4c487e1edec55ba2c16af7ac5e1630  ppc/tetex-fonts-3.0-7.FC4.ppc.rpm
90a82c0d8708f7a7bb84a74c709a30c6  ppc/tetex-doc-3.0-7.FC4.ppc.rpm
88fecde9225ee34fe960940a654dd0f5  ppc/debug/tetex-debuginfo-3.0-7.FC4.ppc.rpm
4038c55cb0e62b16fca09333914b16ea  x86_64/tetex-3.0-7.FC4.x86_64.rpm
4197a02a32c6b0be00a1c8b1115a8eb3  x86_64/tetex-latex-3.0-7.FC4.x86_64.rpm
04bdd2b1b9cc705a5ababff06cc7dbfa  x86_64/tetex-xdvi-3.0-7.FC4.x86_64.rpm
29aa8350a9a8f7e09846b710f5cb4634  x86_64/tetex-dvips-3.0-7.FC4.x86_64.rpm
f865247d37aa5679a06e7becae57de8d  x86_64/tetex-afm-3.0-7.FC4.x86_64.rpm
1872fb9c98352a3d0147221d2a7c3c39  x86_64/tetex-fonts-3.0-7.FC4.x86_64.rpm
0f77f10463678ad413ca7aaa0c8760aa  x86_64/tetex-doc-3.0-7.FC4.x86_64.rpm
cf6a68c0041f1c0b482905a816f0c64c  x86_64/debug/tetex-debuginfo-3.0-7.FC4.x86_64.rpm
49ac41b0799982af0c467191bf49b51a  i386/tetex-3.0-7.FC4.i386.rpm
a0dada19f3c39db557d0cecc194d3f4f  i386/tetex-latex-3.0-7.FC4.i386.rpm
ebd5dbed238fb43233f9cfaf9111a51b  i386/tetex-xdvi-3.0-7.FC4.i386.rpm
53d0709df7a1105c6643d65e88a7b0b1  i386/tetex-dvips-3.0-7.FC4.i386.rpm
5bab1dd4df5f3b57915a777c6fdeb053  i386/tetex-afm-3.0-7.FC4.i386.rpm
c85b4d01615ebd460e7f26345b560765  i386/tetex-fonts-3.0-7.FC4.i386.rpm
10e26b6f01f39716986b6581504ccfda  i386/tetex-doc-3.0-7.FC4.i386.rpm
38772851a0226358d85ab8a5db3ab78d  i386/debug/tetex-debuginfo-3.0-7.FC4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------




More information about the fedora-announce-list mailing list