[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Fedora Legacy Test Update Notification: gpdf

From: Marc Deslauriers <marcdeslauriers videotron ca>
To: "fedora-legacy-list redhat com" <fedora-legacy-list redhat com>
Subject: Fedora Legacy Test Update Notification: gpdf
Date: Wed, 01 Dec 2004 23:20:12 -0500

---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2004-2195
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=2195
2004-12-01
---------------------------------------------------------------------

Name        : gpdf
Versions    : fc1: gpdf-0.110-1.2.legacy
Summary     : viewer for Portable Document Format (PDF) files for GNOME
Description : 
This is GPdf, a viewer for Portable Document Format (PDF) files for
GNOME. GPdf is based on the Xpdf program and uses additional GNOME
libraries for better desktop integration.

---------------------------------------------------------------------
Update Information:

An updated gpdf package that fixes a number of integer overflow security
flaws is now available.

GPdf is a viewer for Portable Document Format (PDF) files for GNOME.

During a source code audit, Chris Evans and others discovered a number
of integer overflow bugs that affected all versions of xpdf. These
issues also affect gpdf as it is based on xpdf source code. An attacker
could construct a carefully crafted PDF file that could cause gpdf to
crash or possibly execute arbitrary code when opened. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-0888 to this issue.

Users of gpdf are advised to upgrade to this errata package, which
contains a backported patch correcting these issues.

---------------------------------------------------------------------
Changelogs

fc1:
* Tue Nov 30 2004 Marc Deslauriers <marcdeslauriers videotron ca>
0.110-1.2.legacy
- Added missing gettext BuildRequires

* Thu Oct 28 2004 Rob Myers <rob myers gtri gatech edu> 0.110-1.1.legacy
- patch for CAN-2004-0888 CAN-2004-0889 (FL #2186, #2195)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

fc1:
5f64cfd5be571ffcb49f1cf067603165decc2318
fedora/1/updates-testing/i386/gpdf-0.110-1.2.legacy.i386.rpm
7795c1af751bb28a443d60508436b539b34f0d81
fedora/1/updates-testing/SRPMS/gpdf-0.110-1.2.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]