Fedora Core 4 Update: tetex-3.0-9.FC4

    Date27 Jan 2006
    CategoryFedora
    4395
    Posted ByJoe Shakespeare
    Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues. This package also updates bindings in texdoc and causes the local texmf tree to be searched first.
    ---------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2005-028
    2006-01-12
    ---------------------------------------------------------------------
    
    Product     : Fedora Core 4
    Name        : tetex
    Version     : 3.0                      
    Release     : 9.FC4                  
    Summary     : The TeX text formatting system.
    Description :
    TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
    a text file and a set of formatting commands as input and creates a
    typesetter-independent .dvi (DeVice Independent) file as output.
    Usually, TeX is used in conjunction with a higher level formatting
    package like LaTeX or PlainTeX, since TeX by itself is not very
    user-friendly.
    
    Install tetex if you want to use the TeX text formatting system. If
    you are installing tetex, you will also need to install tetex-afm (a
    PostScript(TM) font converter for TeX),
    tetex-dvips (for converting .dvi files to PostScript format
    for printing on PostScript printers), tetex-latex (a higher level
    formatting package which provides an easier-to-use interface for TeX),
    and tetex-xdvi (for previewing .dvi files in X). Unless you are an
    expert at using TeX, you should also install the tetex-doc package,
    which includes the documentation for TeX.
    
    
    The Red Hat tetex package also contains software related to Japanese
    support for teTeX such as ptex, what is not a part of teTeX project.
    
    ---------------------------------------------------------------------
    Update Information:
    
    Several flaws were discovered in the way teTeX processes PDF
    files. An attacker could construct a carefully crafted PDF
    file that could cause poppler to crash or possibly execute
    arbitrary code when opened.
    
    The Common Vulnerabilities and Exposures project assigned
    the names CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to
    these issues.
    
    This package also updates bindings in texdoc and causes the
    local texmf tree to be searched first.
    ---------------------------------------------------------------------
    * Wed Jan 11 2006 Jindrich Novy  3.0-9.FC4
    - apply additional patch to fix xpdf flaws from Ludwig Nussel
      (CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193) (#177128)
    - /usr/share/texmf/doc is now owned by tetex package (#177065)
    - update searching order for kpathsea (local texmf tree is
      searched first)
    - don't use obsolete bindings in texdoc
    * Mon Dec 19 2005 Jindrich Novy  3.0-8.FC4
    - apply more complete fix for CVE-2005-3193 (#175110) suggested by
      security response team, taken from xpdf
    
    ---------------------------------------------------------------------
    This update can be downloaded from:
      http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
    
    d5803bb897ac8b307e604d9b5ff872c1ff314565  SRPMS/tetex-3.0-9.FC4.src.rpm
    ff74404da788d6b5677d6edf10745564bafd43da  ppc/tetex-3.0-9.FC4.ppc.rpm
    1ddbc8cb532cb20d101e490bb881621c994d8851  ppc/tetex-latex-3.0-9.FC4.ppc.rpm
    c8329a5c0b491f82d37e7b7024b3d4b0cf2553f1  ppc/tetex-xdvi-3.0-9.FC4.ppc.rpm
    7387673a1b7a69582e6f0c4b382430f9c71c5eec  ppc/tetex-dvips-3.0-9.FC4.ppc.rpm
    59b640dee6af739cde5d2f7f8dbebaaabcb4ec28  ppc/tetex-afm-3.0-9.FC4.ppc.rpm
    0e4a4804df1cfd756da3be2b93bbdc08548ce3cf  ppc/tetex-fonts-3.0-9.FC4.ppc.rpm
    846dc3c32e28fc4b1bc703d62f6bf1f1daa26031  ppc/tetex-doc-3.0-9.FC4.ppc.rpm
    4d054f78d197154f5de87f7118de6a01dd65230e  ppc/debug/tetex-debuginfo-3.0-9.FC4.ppc.rpm
    aa56a1fce1d8d1b5213a588612bfbea03d2e18d8  x86_64/tetex-3.0-9.FC4.x86_64.rpm
    ccd10c08e3342efd7e0345e3d6bf030574066262  x86_64/tetex-latex-3.0-9.FC4.x86_64.rpm
    2abd94209f969ffad4e152d5fa84d9724495886c  x86_64/tetex-xdvi-3.0-9.FC4.x86_64.rpm
    4a966b11d187f743445bf0a9193eab5e021bcc7b  x86_64/tetex-dvips-3.0-9.FC4.x86_64.rpm
    9b0b54e67982188e20dcbafdd1c25cc559306345  x86_64/tetex-afm-3.0-9.FC4.x86_64.rpm
    81c804112f3f557950f618a4d7d459f6d3683298  x86_64/tetex-fonts-3.0-9.FC4.x86_64.rpm
    a3905125347b27476119eb2109f533f868898f00  x86_64/tetex-doc-3.0-9.FC4.x86_64.rpm
    8c50c8246b1cd2eb16dc03f9f45ebbcb31470c87  x86_64/debug/tetex-debuginfo-3.0-9.FC4.x86_64.rpm
    7afe7adda01e3a4cef49c7ff05975c1a2ebf4d8a  i386/tetex-3.0-9.FC4.i386.rpm
    de7db2f913951772d3ea106472bc390b3bd6a391  i386/tetex-latex-3.0-9.FC4.i386.rpm
    af8d0c5026e4fbd557cc06024af2952025c8ba5b  i386/tetex-xdvi-3.0-9.FC4.i386.rpm
    3d7837c759ec17ac25a3ba82cc038eb0eab25558  i386/tetex-dvips-3.0-9.FC4.i386.rpm
    cb11ce07500fe9f978f8d372358eb4dd664bd03a  i386/tetex-afm-3.0-9.FC4.i386.rpm
    c483b2892a7b02e22ac96c91e39e24f0fb783a26  i386/tetex-fonts-3.0-9.FC4.i386.rpm
    31592fdca8509bc0412293b707eaf02485640b8e  i386/tetex-doc-3.0-9.FC4.i386.rpm
    d706dba1b43706096b7dcd29c8ef203d72c48731  i386/debug/tetex-debuginfo-3.0-9.FC4.i386.rpm
    
    This update can also be installed with the Update Agent; you can
    launch the Update Agent with the 'up2date' command.  
    ---------------------------------------------------------------------
    
    -- 
    fedora-announce-list mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/fedora-announce-list
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"65","type":"x","order":"1","pct":57.52,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.27,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.2,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.