Fedora Core 4 Update: poppler-0.4.4-1.1 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

How strictly do your users obey your security policies?

	To the letter.
	For the most part.
	When it suits them.
	By chance.
	Not at all.

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Advisory Watch: November 21st, 2008

Linux Security Week: November 17th, 2008

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora Core 4 Update: poppler-0.4.4-1.1

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

Chris Evans discovered several flaws in the way poppler processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-026
2006-01-10
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : poppler
Version     : 0.4.4                      
Release     : 1.1                  
Summary     : PDF rendering library
Description :
Poppler, a PDF rendering library, it's a fork of the xpdf PDF
viewer developed by Derek Noonburg of Glyph and Cog, LLC.

---------------------------------------------------------------------
Update Information:

Chris Evans discovered several flaws in the way poppler
processes PDF files. An attacker could construct a carefully
crafted PDF file that could cause poppler to crash or possibly
execute arbitrary code when opened. The Common
Vulnerabilities and Exposures project assigned the names
CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and
CVE-2005-3627 to these issues. 
---------------------------------------------------------------------
* Tue Jan 10 2006 Kristian Høgsberg  0.4.4-1.1
- Update to 0.4.4 release and drop poppler-0.4.3-CVE-2005-3191.patch.


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

3690ab8e7d8e717f6fe2580a81738c579996357f  SRPMS/poppler-0.4.4-1.1.src.rpm
1597b8461a8bd1972aee62d4e1b2027dcf2bbc42  ppc/poppler-0.4.4-1.1.ppc.rpm
363d5fcff948292d5f60663309df7bd147ddb7e7  ppc/poppler-devel-0.4.4-1.1.ppc.rpm
e372992802a3e1867dcbab31e4a69720065809c8  ppc/debug/poppler-debuginfo-0.4.4-1.1.ppc.rpm
6c30672e65b4f257812f0a6c1e4443aa8354e687  x86_64/poppler-0.4.4-1.1.x86_64.rpm
9ad63986347bb0de8cadb1fca0df69d865cbef4a  x86_64/poppler-devel-0.4.4-1.1.x86_64.rpm
ed87f5deb75bcef2cfe15d2ea5a33991eb4227cb  x86_64/debug/poppler-debuginfo-0.4.4-1.1.x86_64.rpm
1571c13ca07473bf880dad9712c2505fdf7d4e71  i386/poppler-0.4.4-1.1.i386.rpm
798f241bcec802e7d0c6ef09aebdaebd4f112d9c  i386/poppler-devel-0.4.4-1.1.i386.rpm
2f18e087f3eb11a56204ef3caaedba900ba86eb9  i386/debug/poppler-debuginfo-0.4.4-1.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list

< Prev		Next >

Partner:

Latest Features

A Secure Nagios Server

Never Installed a Firewall on Ubuntu? Try Firestarter

Review: Hacking Exposed Linux, Third Edition

Security Features of Firefox 3.0

Review: The Book of Wireless

April 2008 Open Source Tool of the Month: sudo

Open Source Tool of March: ZoneMinder

Yesterday's Edition

Plaintext Recovery Attack Against SSH

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
Security Projects , Latest News , Newsletters , SELinux , Privacy , Home,
Hardening , About Us, Advertise, Legal Notice, RSS, Guardian Digital