Fedora Core 3: 2005-025 Moderate: gpdf PDF Processing Issues

This is GPdf, a viewer for Portable Document Format (PDF) files for

GNOME. GPdf is based on the Xpdf program and uses additional GNOME

libraries for better desktop integration.

GPdf includes the gpdf application, a Bonobo control for PDF display

which can be embedded in Nautilus, and a Nautilus property page for

PDF files.

Chris Evans discovered several flaws in the way CUPS

processes PDF files. An attacker could construct a carefully

crafted PDF file that could cause CUPS to crash or possibly

execute arbitrary code when opened. The Common

Vulnerabilities and Exposures project assigned the names

CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and

CVE-2005-3627 to these issues.

- Apply fix for CVE-2005-3624 (also covers CVE-2005-3193)

(bug 176866)

3f7a8f70d4f2a8f18d823c572ad99755361adf23 SRPMS/gpdf-2.8.2-7.2.src.rpm

e0b1860bc92e3b69c60dbe53548ca709223d1822 x86_64/gpdf-2.8.2-7.2.x86_64.rpm

42a7a344a3d3e040bf37e002c788f8ca5fde8dba x86_64/debug/gpdf-debuginfo-2.8.2-7.2.x86_64.rpm

cada2bbc6925dbb27ea17317f9f8c31488d33cd0 i386/gpdf-2.8.2-7.2.i386.rpm

9280b56de65f4acedd3c13b5ff455fdc610463ae i386/debug/gpdf-debuginfo-2.8.2-7.2.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list mailing list

fedora-announce-list@redhat.com