Fedora Core 3 Update: tetex-2.0.2-21.7.FC3

    Date27 Jan 2006
    CategoryFedora
    4412
    Posted ByJoe Shakespeare
    Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.
    ---------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2005-029
    2006-01-12
    ---------------------------------------------------------------------
    
    Product     : Fedora Core 3
    Name        : tetex
    Version     : 2.0.2                      
    Release     : 21.7.FC3                  
    Summary     : The TeX text formatting system.
    Description :
    TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
    a text file and a set of formatting commands as input and creates a
    typesetter-independent .dvi (DeVice Independent) file as output.
    Usually, TeX is used in conjunction with a higher level formatting
    package like LaTeX or PlainTeX, since TeX by itself is not very
    user-friendly.
    
    Install tetex if you want to use the TeX text formatting system. If
    you are installing tetex, you will also need to install tetex-afm (a
    PostScript(TM) font converter for TeX),
    tetex-dvips (for converting .dvi files to PostScript format
    for printing on PostScript printers), tetex-latex (a higher level
    formatting package which provides an easier-to-use interface for TeX),
    and tetex-xdvi (for previewing .dvi files in X). Unless you are an
    expert at using TeX, you should also install the tetex-doc package,
    which includes the documentation for TeX.
    
    ---------------------------------------------------------------------
    Update Information:
    
    Several flaws were discovered in the way teTeX processes PDF
    files. An attacker could construct a carefully crafted PDF
    file that could cause poppler to crash or possibly execute
    arbitrary code when opened.
    
    The Common Vulnerabilities and Exposures project assigned
    the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and
    CVE-2005-3627 to these issues.
    ---------------------------------------------------------------------
    * Wed Jan 11 2006 Jindrich Novy  2.0.2-21.7.FC3
    - apply additional patch to fix xpdf flaws from Ludwig Nussel
      (CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193) (#177128)
    * Mon Dec 19 2005 Jindrich Novy  2.0.2-21.6
    - apply more complete fix for CVE-2005-3193 (#175110) suggested by
      security response team, taken from xpdf
    
    ---------------------------------------------------------------------
    This update can be downloaded from:
      http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
    
    cf7ccd06a85a2a3eaa876706971fe32f5cba66b9  SRPMS/tetex-2.0.2-21.7.FC3.src.rpm
    c4b3207cd02981b2c6f96ad2e27e2c882664c444  x86_64/tetex-2.0.2-21.7.FC3.x86_64.rpm
    cfe7477d6307af610983d7b3b4bd8ab1b23026bc  x86_64/tetex-latex-2.0.2-21.7.FC3.x86_64.rpm
    6de73df47b772f7631692c4c392a02a32630acc4  x86_64/tetex-xdvi-2.0.2-21.7.FC3.x86_64.rpm
    ec4cc2f62901e9714f5fc0a1e482ac87868a38e3  x86_64/tetex-dvips-2.0.2-21.7.FC3.x86_64.rpm
    7b7380a14999d0fb2ea794cf48afea1bf4fcb608  x86_64/tetex-afm-2.0.2-21.7.FC3.x86_64.rpm
    5f58c8f32f80ae9f3940918cb77dc4145ac87d15  x86_64/tetex-fonts-2.0.2-21.7.FC3.x86_64.rpm
    8269c2c6f763acc64d4b7230b3e2b9e30de0e5e6  x86_64/tetex-doc-2.0.2-21.7.FC3.x86_64.rpm
    fa6a0fe488ddca27adddf8fd8e86efd5d3c96702  x86_64/debug/tetex-debuginfo-2.0.2-21.7.FC3.x86_64.rpm
    0199f223161ef36cc20d6c8d3975bc93cf5b859a  i386/tetex-2.0.2-21.7.FC3.i386.rpm
    ebf60610fcb7883a7fd51fc9149ca0ce39c25f88  i386/tetex-latex-2.0.2-21.7.FC3.i386.rpm
    9b33603eaf128f8175b5d6a76b11dc2a1f7938a9  i386/tetex-xdvi-2.0.2-21.7.FC3.i386.rpm
    0bca7c80842a921535f9f169873bba67857a9262  i386/tetex-dvips-2.0.2-21.7.FC3.i386.rpm
    b10d1f4ab980b22f1b8c2998bba514294438e3e4  i386/tetex-afm-2.0.2-21.7.FC3.i386.rpm
    439315089cf95886e7e93531df42779a5b3c9225  i386/tetex-fonts-2.0.2-21.7.FC3.i386.rpm
    26316d94c329dbc63f732451cd92eac25a376bed  i386/tetex-doc-2.0.2-21.7.FC3.i386.rpm
    62428a292a5e896a2e13e95ad6dc58be9559af9e  i386/debug/tetex-debuginfo-2.0.2-21.7.FC3.i386.rpm
    
    This update can also be installed with the Update Agent; you can
    launch the Update Agent with the 'up2date' command.  
    ---------------------------------------------------------------------
    
    -- 
    fedora-announce-list mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/fedora-announce-list
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"67","type":"x","order":"1","pct":57.76,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":12.93,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.31,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.