[SECURITY] Fedora Core 3 Update: tetex-2.0.2-21.5

Jindrich Novy jnovy at redhat.com
Wed Dec 7 15:48:31 UTC 2005


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1127
2005-12-07
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : tetex
Version     : 2.0.2                      
Release     : 21.5                  
Summary     : The TeX text formatting system.
Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting
package like LaTeX or PlainTeX, since TeX by itself is not very
user-friendly.

Install tetex if you want to use the TeX text formatting system. If
you are installing tetex, you will also need to install tetex-afm (a
PostScript(TM) font converter for TeX),
tetex-dvips (for converting .dvi files to PostScript format
for printing on PostScript printers), tetex-latex (a higher level
formatting package which provides an easier-to-use interface for TeX),
and tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.

---------------------------------------------------------------------
Update Information:

Several flaws were discovered in Xpdf. An attacker could
construct a carefully crafted PDF file that could cause Xpdf
to crash or possibly execute arbitrary code when opened. The
teTeX package contains a copy of the Xpdf code used for
parsing PDF files and is therefore affected by this bug.The
Common Vulnerabilities and Exposures project assigned the
name CAN-2005-3193 to these issues.

Users of teTeX should upgrade to this updated package, which
contains a patch to resolve these issues.
---------------------------------------------------------------------
* Tue Dec  6 2005 Jindrich Novy <jnovy at redhat.com> 2.0.2-21.5
- apply patch from Derek Noonburg to fix CVE-2005-3193, xpdf buffer overflows (#175110)

* Thu Aug 18 2005 Jindrich Novy <jnovy at redhat.com>
- support both .Z and .gz files in psfig.sty (#165203)

* Thu Aug 18 2005 Jindrich Novy <jnovy at redhat.com> 2.0.2-21.4
- enable languages in babel (#11570)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

802aff298f6378498cdeb9c066907f58  SRPMS/tetex-2.0.2-21.5.src.rpm
3de558321f6874d7f8792c4e2c9c356b  x86_64/tetex-2.0.2-21.5.x86_64.rpm
4a5f38be89e62e1e53fc49412e57b49f  x86_64/tetex-latex-2.0.2-21.5.x86_64.rpm
6c09295f8a7a7ee13c8fda4fb1666977  x86_64/tetex-xdvi-2.0.2-21.5.x86_64.rpm
92fba9c5adc5833de08718b5b06a8652  x86_64/tetex-dvips-2.0.2-21.5.x86_64.rpm
e6164f5961ec833b73d4ed092b746521  x86_64/tetex-afm-2.0.2-21.5.x86_64.rpm
c09ca851c6e2eb96da58c7f2c5c14332  x86_64/tetex-fonts-2.0.2-21.5.x86_64.rpm
38d16809b3f7349a39b59909cbeeb8e3  x86_64/tetex-doc-2.0.2-21.5.x86_64.rpm
3f00c57a1f36f1ebed167c330459dbd2  x86_64/debug/tetex-debuginfo-2.0.2-21.5.x86_64.rpm
058258ccc8f766fd3f9421bf7edf6e25  i386/tetex-2.0.2-21.5.i386.rpm
c88b931b479a31fc21602dd0313e71fa  i386/tetex-latex-2.0.2-21.5.i386.rpm
dd3014f1661eec70e9f539f1ca3879ef  i386/tetex-xdvi-2.0.2-21.5.i386.rpm
a14ea2aa8c1d2a98b6bba78ef6d8e695  i386/tetex-dvips-2.0.2-21.5.i386.rpm
691d45e866472cd14c8a20f736545ad3  i386/tetex-afm-2.0.2-21.5.i386.rpm
4a2db4403fc6c342e8ea0b31ec6f0c4c  i386/tetex-fonts-2.0.2-21.5.i386.rpm
ea1d7c378365eec467b8a4c73c4fe00e  i386/tetex-doc-2.0.2-21.5.i386.rpm
adf1bd365b26efec58a4eb02fd9d9d83  i386/debug/tetex-debuginfo-2.0.2-21.5.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------




More information about the fedora-announce-list mailing list