RedHat: Critical: acroread security update
Summary
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
Several input validation flaws were discovered in Adobe Reader. A malicious
PDF file could cause Adobe Reader to crash or, potentially, execute
arbitrary code as the user running Adobe Reader. (CVE-2008-2549,
CVE-2008-2992, CVE-2008-4812, CVE-2008-4813, CVE-2008-4814, CVE-2008-4817)
The Adobe Reader binary had an insecure relative RPATH (runtime library
search path) set in the ELF (Executable and Linking Format) header. A local
attacker able to convince another user to run Adobe Reader in an
attacker-controlled directory could run arbitrary code with the privileges
of the victim. (CVE-2008-4815)
All acroread users are advised to upgrade to these updated packages, that
contain Adobe Reader version 8.1.3, and are not vulnerable to these issues.
Summary
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2992 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4812 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4814 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4817
Package List
Red Hat Enterprise Linux AS version 3 Extras:
i386:
acroread-8.1.3-1.i386.rpm
acroread-plugin-8.1.3-1.i386.rpm
x86_64:
acroread-8.1.3-1.i386.rpm
Red Hat Desktop version 3 Extras:
i386:
acroread-8.1.3-1.i386.rpm
acroread-plugin-8.1.3-1.i386.rpm
x86_64:
acroread-8.1.3-1.i386.rpm
Red Hat Enterprise Linux ES version 3 Extras:
i386:
acroread-8.1.3-1.i386.rpm
acroread-plugin-8.1.3-1.i386.rpm
x86_64:
acroread-8.1.3-1.i386.rpm
Red Hat Enterprise Linux WS version 3 Extras:
i386:
acroread-8.1.3-1.i386.rpm
acroread-plugin-8.1.3-1.i386.rpm
x86_64:
acroread-8.1.3-1.i386.rpm
Red Hat Enterprise Linux AS version 4 Extras:
i386:
acroread-8.1.3-1.el4.i386.rpm
acroread-plugin-8.1.3-1.el4.i386.rpm
x86_64:
acroread-8.1.3-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386:
acroread-8.1.3-1.el4.i386.rpm
acroread-plugin-8.1.3-1.el4.i386.rpm
x86_64:
acroread-8.1.3-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
acroread-8.1.3-1.el4.i386.rpm
acroread-plugin-8.1.3-1.el4.i386.rpm
x86_64:
acroread-8.1.3-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
acroread-8.1.3-1.el4.i386.rpm
acroread-plugin-8.1.3-1.el4.i386.rpm
x86_64:
acroread-8.1.3-1.el4.i386.rpm
RHEL Desktop Supplementary (v. 5 client):
i386:
acroread-8.1.3-1.el5.i386.rpm
acroread-plugin-8.1.3-1.el5.i386.rpm
x86_64:
acroread-8.1.3-1.el5.i386.rpm
acroread-plugin-8.1.3-1.el5.i386.rpm
RHEL Supplementary (v. 5 server):
i386:
acroread-8.1.3-1.el5.i386.rpm
acroread-plugin-8.1.3-1.el5.i386.rpm
x86_64:
acroread-8.1.3-1.el5.i386.rpm
acroread-plugin-8.1.3-1.el5.i386.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
Topic
Updated acroread packages that fix various security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.
This update has been rated as having critical security impact by the Red Hat Security Response Team.
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux AS version 3 Extras - i386, x86_64
Red Hat Desktop version 3 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 3 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 3 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, x86_64
Bugs Fixed
450078 - CVE-2008-2549 acroread: crash and possible code execution
469875 - CVE-2008-4812 Adobe Reader: embedded font handling out-of-bounds array indexing
469876 - CVE-2008-4813 Adobe Reader: PDF objects parsing and JavaScript getCosObj handling memory corruption flaw
469877 - CVE-2008-2992 Adobe Reader: JavaScript util.printf() function buffer overflow
469880 - CVE-2008-4814 Adobe Reader: arbitrary code execution via unspecified JavaScript method
469882 - CVE-2008-4815 Adobe Reader: insecure RPATH flaw
469923 - CVE-2008-4817 Adobe Reader: Download Manager input validation flaw