SciLinux: 2007-11-12 Important kdegraphics Update for PDF Threats

Nov 13, 2007 •

LinuxSecurity Advisories

1 - 2 min read

Scientific Large Esm H500

Topics Covered

security advisory software update kdegraphics pdf issue scientific linux

Important: kdegraphics security update

Date:         Tue, 13 Nov 2007 17:09:14 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux

From:         Troy Dawson 
Subject:      Security ERRATA for kdegraphics on SL5.x, SL4.x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis:	Important: kdegraphics security update
Issue date:	2007-11-12
CVE Names:	CVE-2007-4352 CVE-2007-5392 CVE-2007-5393

Alin Rad Pop discovered several flaws in the handling of PDF files. An
attacker could create a malicious PDF file that would cause kpdf to 
crash, or potentially execute arbitrary code when opened.
(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393

SL 4.x

   SRPMS:
kdegraphics-3.3.1-6.src.rpm
   i386:
kdegraphics-3.3.1-6.i386.rpm
kdegraphics-devel-3.3.1-6.i386.rpm
   x86_64:
kdegraphics-3.3.1-6.x86_64.rpm
kdegraphics-devel-3.3.1-6.x86_64.rpm

SL 5.x

   SRPMS:
kdegraphics-3.5.4-5.el5_1.src.rpm
   i386:
kdegraphics-3.5.4-5.el5.i386.rpm
kdegraphics-devel-3.5.4-5.el5.i386.rpm
   x86_64:
kdegraphics-3.5.4-5.el5.x86_64.rpm
kdegraphics-devel-3.5.4-5.el5.i386.rpm
kdegraphics-devel-3.5.4-5.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here