Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 10: FEDORA-2009-1234 Critical: xpdf Buffer Overflow

fedora
Calendar Grey April 23, 2009
Dist Fedora Esm H88
Uncover the newest Fedora 10 release for xpdf that tackles essential security vulnerabilities and includes several bug fixes.
Fix several security updates in xpdf (3.02pl3 patch applied).

Summary

Xpdf is an X Window System based viewer for Portable Document Format

(PDF) files. Xpdf is a small and efficient program which uses

standard X fonts.

Update Information:

Fix several security updates in xpdf (3.02pl3 patch applied).

Topics%20covered

Topics Covered

security advisory security update buffer overflow critical Fedora software patch xpdf

Change Log

* Thu Apr 16 2009 Tom "spot" Callaway - 1:3.02-13 - apply xpdf-3.02pl3 security patch to fix: CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180 CVE-2009-1181, CVE-2009-1182, CVE-2009-1183 * Wed Mar 4 2009 Tom "spot" Callaway - 1:3.02-12 - add Requires: xorg-x11-fonts-ISO8859-1-100dpi (bz 485404) * Thu Feb 26 2009 Fedora Release Engineering - 1:3.02-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Wed Feb 11 2009 Tom "spot" Callaway - 1:3.02-10 - cleanup crash patch a bit (bz 483664) - improve support for more mouse buttons (bz 483669) * Wed Dec 10 2008 Tom "spot" Callaway - 1:3.02-9 - apply debian patches * Sun Sep 21 2008 Ville Skyttä - 1:3.02-8 - Fix Patch0:/%patch mismatch.

References


[ 1 ] Bug #495886 - CVE-2009-0799 PDF JBIG2 decoder OOB read https://bugzilla.redhat.com/show_bug.cgi?id=495886 [ 2 ] Bug #495887 - CVE-2009-0800 PDF JBIG2 multiple input validation flaws https://bugzilla.redhat.com/show_bug.cgi?id=495887 [ 3 ] Bug #495889 - CVE-2009-1179 PDF JBIG2 integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=495889 [ 4 ] Bug #495892 - CVE-2009-1180 PDF JBIG2 invalid free() https://bugzilla.redhat.com/show_bug.cgi?id=495892 [ 5 ] Bug #495894 - CVE-2009-1181 PDF JBIG2 NULL dereference https://bugzilla.redhat.com/show_bug.cgi?id=495894 [ 6 ] Bug #495896 - CVE-2009-1182 PDF JBIG2 MMR decoder buffer overflows https://bugzilla.redhat.com/show_bug.cgi?id=495896 [ 7 ] Bug #495899 - CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS https://bugzilla.redhat.com/show_bug.cgi?id=495899 [ 8 ] Bug #490612 - CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSe...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xpdf' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xpdf
Product: Fedora 10
Version: 3.02
Release: 13.fc10
URL: http://www.xpdfreader.com/
Summary: A PDF file viewer for the X Window System

Topics%20covered

Topics Covered

security advisory security update buffer overflow critical Fedora software patch xpdf

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here