SciLinux: CVE-2009-0791 Important: kdegraphics SL4.x, SL5.x i386/x8...

Date:         Thu, 15 Oct 2009 13:32:27 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Important: kdegraphics on SL4.x, SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Important: kdegraphics security update
Issue date:	2009-10-15
CVE Names:	CVE-2009-0791 CVE-2009-1188 CVE-2009-3604
                 CVE-2009-3606 CVE-2009-3608 CVE-2009-3609

CVE-2009-0791 xpdf: multiple integer overflows
CVE-2009-1188 xpdf/poppler: SplashBitmap integer overflow
CVE-2009-3608 xpdf/poppler: integer overflow in 
ObjectStream::ObjectStream (oCERT-2009-016)
CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow
CVE-2009-3604 xpdf/poppler: Splash::drawImage integer overflow and 
missing allocation return value check

Multiple integer overflow flaws were found in KPDF. An attacker could
create a malicious PDF file that would cause KPDF to crash or, 
potentially, execute arbitrary code when opened. (CVE-2009-0791, 
CVE-2009-1188, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)

SL 4.x

      SRPMS:
kdegraphics-3.3.1-15.el4_8.2.src.rpm
      i386:
kdegraphics-3.3.1-15.el4_8.2.i386.rpm
kdegraphics-devel-3.3.1-15.el4_8.2.i386.rpm
      x86_64:
kdegraphics-3.3.1-15.el4_8.2.x86_64.rpm
kdegraphics-devel-3.3.1-15.el4_8.2.x86_64.rpm

SL 5.x

      SRPMS:
kdegraphics-3.5.4-15.el5_4.2.src.rpm
      i386:
kdegraphics-3.5.4-15.el5_4.2.i386.rpm
kdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm
      x86_64:
kdegraphics-3.5.4-15.el5_4.2.x86_64.rpm
kdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm
kdegraphics-devel-3.5.4-15.el5_4.2.x86_64.rpm

-Connie Sieh
-Troy Dawson

Date: Thu, 15 Oct 2009 13:32:27 -0500Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Important: kdegraphics on SL4.x, SL5.x i386/x86_64Comments: To: "scientific-linux-errata@fnal.gov" Synopsis: Important: kdegraphics security updateIssue date: 2009-10-15CVE Names: CVE-2009-0791 CVE-2009-1188 CVE-2009-3604 CVE-2009-3606 CVE-2009-3608 CVE-2009-3609CVE-2009-0791 xpdf: multiple integer overflowsCVE-2009-1188 xpdf/poppler: SplashBitmap integer overflowCVE-2009-3608 xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016)CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflowCVE-2009-3604 xpdf/poppler: Splash::drawImage integer overflow and missing allocation return value checkMultiple integer overflow flaws were found in KPDF. An attacker couldcreate a malicious PDF file that would cause KPDF to crash or, potentially, execute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)SL 4.x SRPMS:kdegraphics-3.3.1-15.el4_8.2.src.rpm i386:kdegraphics-3.3.1-15.el4_8.2.i386.rpmkdegraphics-devel-3.3.1-15.el4_8.2.i386.rpm x86_64:kdegraphics-3.3.1-15.el4_8.2.x86_64.rpmkdegraphics-devel-3.3.1-15.el4_8.2.x86_64.rpmSL 5.x SRPMS:kdegraphics-3.5.4-15.el5_4.2.src.rpm i386:kdegraphics-3.5.4-15.el5_4.2.i386.rpmkdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm x86_64:kdegraphics-3.5.4-15.el5_4.2.x86_64.rpmkdegraphics-devel-3.5.4-15.el5_4.2.i386.rpmkdegraphics-devel-3.5.4-15.el5_4.2.x86_64.rpm-Connie Sieh-Troy Dawson

What Are You Looking For?

SciLinux: CVE-2009-0791 Important: kdegraphics SL4.x, SL5.x i386/x86_64

Summary

Security Fixes

Kubernetes Security on AWS: A Practical Guide

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!

Unlocking the Future of Authentication: Passkeys vs. Passwords

Empowering MSPs with Straightforward Linux Device Management

A Complete Guide to Torrenting Safely in 2024

About Us

Powered By