Fedora Core 4: 2006-103 Critical: Heap-Based Buffer Overflow in Poppler

Poppler, a PDF rendering library, it's a fork of the xpdf PDF

viewer developed by Derek Noonburg of Glyph and Cog, LLC.

Heap-based buffer overflow in Splash.cc in poppler, allows

attackers to cause a denial of service and possibly execute

arbitrary code via crafted splash images that produce

certain values that exceed the width or height of the

associated bitmap.

- Security release: CVE-2006-0301.

a6389ee0a029cd9d00554e895379b58141be1e9d SRPMS/poppler-0.4.5-1.1.src.rpm

55b7d8faeda8942de95da47256dd63324826ab0d ppc/poppler-0.4.5-1.1.ppc.rpm

4e2cf64d7b1cf1f6dcd2f4d4dec6abfe37032cbf ppc/poppler-devel-0.4.5-1.1.ppc.rpm

b04be63e76106bb65bb7e9e1a99c74a8e973514d ppc/debug/poppler-debuginfo-0.4.5-1.1.ppc.rpm

249b969c8751b1a53722e8264d2f3fc8fc5e9979 x86_64/poppler-0.4.5-1.1.x86_64.rpm

f5e61e706c434ad24bd6cece6affa754361d80cd x86_64/poppler-devel-0.4.5-1.1.x86_64.rpm

cfb05d07796ee23f56ed3aa19111f875d54e4b7f x86_64/debug/poppler-debuginfo-0.4.5-1.1.x86_64.rpm

8dc27611a2cde6baeb0d6212a88e7ad6d8035808 i386/poppler-0.4.5-1.1.i386.rpm

73f916b518fa1e32a1ecba95cf9cc36a6e2bc49a i386/poppler-devel-0.4.5-1.1.i386.rpm

7026c75efdce668f7e35bc2332f5d516496aef1f i386/debug/poppler-debuginfo-0.4.5-1.1.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com