Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Fedora Core 4: FEDORA-2005-729 Critical: xpdf Disk Space DoS

fedora
Calendar Grey August 15, 2005
Dist Fedora Esm H88
Xpdf on Fedora Core 4 is vulnerable to a Denial of Service (DoS) exploit, which has been addressed through a crucial system update. Protect your system’s integrity!
A flaw was discovered in Xpdf in that an attacker could construct a carefully crafted PDF file that would cause Xpdf to consume all available disk space in /tmp when opened.

Summary

Xpdf is an X Window System based viewer for Portable Document Format

(PDF) files. Xpdf is a small and efficient program which uses

standard X fonts.

A flaw was discovered in Xpdf in that an attacker could

construct a carefully crafted PDF file that would cause

Xpdf to consume all available disk space in /tmp when

opened. The Common Vulnerabilities and Exposures project

assigned the name CAN-2005-2097 to this issue.

Users of xpdf should upgrade to this updated package, which

contains a patch to resolve this issue.

- better patch to fix CAN-2005-2097, #163918

- fix build problem with gcc4

* Tue Jul 26 2005 Than Ngo 3.00-20.FC4.1

- backport patch to fix xpdf DoS, CAN-2005-2097, #163918

- fix xpdf crash #163807

45702d839a744d7e47a1fe03bf6e4e40 SRPMS/xpdf-3.00-20.FC4.2.src.rpm

1a726ed1bd8b5dc3141a1614258ebff1 ppc/xpdf-3.00-20.FC4.2.ppc.rpm

61348dbd1b1c3d798f6862446242a7ec ppc/debug/xpdf-debuginfo-3.00-20.FC4.2.ppc.rpm

ff2f134d6361527f9d18d94e46796ebf x86_64/xpdf-3.00-20.FC4.2.x86_64.rpm

11e6090deb68034abb58429a1c415d46

x86_64/debug/xpdf-debuginfo-3.00-20.FC4.2.x86_64.rpm

db028d8f8f8d8242e6ccccdeb26408c7 i386/xpdf-3.00-20.FC4.2.i386.rpm

2aafd3c99dc2931060df6e7aedacff9a i386/debug/xpdf-debuginfo-3.00-20.FC4.2.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xpdf
Version: 3.00
Release: 20.FC4.2
Summary: A PDF file viewer for the X Window System.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here