---------------------------------------------------------------------Fedora Update Notification
FEDORA-2004-572
2004-12-22
---------------------------------------------------------------------Product     : Fedora Core 2
Name        : xpdf
Version     : 3.00
Release     : 3.6
Summary     : A PDF file viewer for the X Window System.
Description :
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files. Xpdf is a small and efficient program which uses
standard X fonts.

---------------------------------------------------------------------Update Information:

This package fixes a buffer overflow which allows attackers to cause the
xpdf application to crash, and possibly to execute arbitrary code.  The
Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned
the name CAN-2004-1125 to this issue.

---------------------------------------------------------------------* Wed Dec 22 2004 Tim Waugh  1:3.00-3.6

- Applied patch to fix CAN-2004-1125 (bug #143500).


---------------------------------------------------------------------This update can be downloaded from:
  
917422b5087ab12727223d4e570ade55  SRPMS/xpdf-3.00-3.6.src.rpm
293af32ed4f834a436dcdd1ddf7eab1b  x86_64/xpdf-3.00-3.6.x86_64.rpm
ff615294add6b4b8de966ff09168cfd9  x86_64/debug/xpdf-debuginfo-3.00-3.6.x86_64.rpm
2c70874a77f954e1de778457d4889154  i386/xpdf-3.00-3.6.i386.rpm
3222f6518777a6dcef53714a0b050c6d  i386/debug/xpdf-debuginfo-3.00-3.6.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

Fedora: xpdf-3.00-3.6 update

December 22, 2004
This package fixes a buffer overflow which allows attackers to cause the xpdf application to crash, and possibly to execute arbitrary code

Summary

Xpdf is an X Window System based viewer for Portable Document Format

(PDF) files. Xpdf is a small and efficient program which uses

standard X fonts.

This package fixes a buffer overflow which allows attackers to cause the

xpdf application to crash, and possibly to execute arbitrary code. The

Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned

the name CAN-2004-1125 to this issue.

- Applied patch to fix CAN-2004-1125 (bug #143500).

917422b5087ab12727223d4e570ade55 SRPMS/xpdf-3.00-3.6.src.rpm

293af32ed4f834a436dcdd1ddf7eab1b x86_64/xpdf-3.00-3.6.x86_64.rpm

ff615294add6b4b8de966ff09168cfd9 x86_64/debug/xpdf-debuginfo-3.00-3.6.x86_64.rpm

2c70874a77f954e1de778457d4889154 i386/xpdf-3.00-3.6.i386.rpm

3222f6518777a6dcef53714a0b050c6d i386/debug/xpdf-debuginfo-3.00-3.6.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

FEDORA-2004-572 2004-12-22 Name : xpdf Version : 3.00 Release : 3.6 Summary : A PDF file viewer for the X Window System. Description : Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Xpdf is a small and efficient program which uses standard X fonts. This package fixes a buffer overflow which allows attackers to cause the xpdf application to crash, and possibly to execute arbitrary code. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2004-1125 to this issue. - Applied patch to fix CAN-2004-1125 (bug #143500). 917422b5087ab12727223d4e570ade55 SRPMS/xpdf-3.00-3.6.src.rpm 293af32ed4f834a436dcdd1ddf7eab1b x86_64/xpdf-3.00-3.6.x86_64.rpm ff615294add6b4b8de966ff09168cfd9 x86_64/debug/xpdf-debuginfo-3.00-3.6.x86_64.rpm 2c70874a77f954e1de778457d4889154 i386/xpdf-3.00-3.6.i386.rpm 3222f6518777a6dcef53714a0b050c6d i386/debug/xpdf-debuginfo-3.00-3.6.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

Change Log

References

Update Instructions

Severity
Name : xpdf
Version : 3.00
Release : 3.6
Summary : A PDF file viewer for the X Window System.

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved