---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-026
2006-01-10
---------------------------------------------------------------------Product     : Fedora Core 4
Name        : poppler
Version     : 0.4.4                      
Release     : 1.1                  
Summary     : PDF rendering library
Description :
Poppler, a PDF rendering library, it's a fork of the xpdf PDF
viewer developed by Derek Noonburg of Glyph and Cog, LLC.

---------------------------------------------------------------------Update Information:

Chris Evans discovered several flaws in the way poppler
processes PDF files. An attacker could construct a carefully
crafted PDF file that could cause poppler to crash or possibly
execute arbitrary code when opened. The Common
Vulnerabilities and Exposures project assigned the names
CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and
CVE-2005-3627 to these issues. 
---------------------------------------------------------------------* Tue Jan 10 2006 Kristian Høgsberg  0.4.4-1.1
- Update to 0.4.4 release and drop poppler-0.4.3-CVE-2005-3191.patch.


---------------------------------------------------------------------This update can be downloaded from:
  
3690ab8e7d8e717f6fe2580a81738c579996357f  SRPMS/poppler-0.4.4-1.1.src.rpm
1597b8461a8bd1972aee62d4e1b2027dcf2bbc42  ppc/poppler-0.4.4-1.1.ppc.rpm
363d5fcff948292d5f60663309df7bd147ddb7e7  ppc/poppler-devel-0.4.4-1.1.ppc.rpm
e372992802a3e1867dcbab31e4a69720065809c8  ppc/debug/poppler-debuginfo-0.4.4-1.1.ppc.rpm
6c30672e65b4f257812f0a6c1e4443aa8354e687  x86_64/poppler-0.4.4-1.1.x86_64.rpm
9ad63986347bb0de8cadb1fca0df69d865cbef4a  x86_64/poppler-devel-0.4.4-1.1.x86_64.rpm
ed87f5deb75bcef2cfe15d2ea5a33991eb4227cb  x86_64/debug/poppler-debuginfo-0.4.4-1.1.x86_64.rpm
1571c13ca07473bf880dad9712c2505fdf7d4e71  i386/poppler-0.4.4-1.1.i386.rpm
798f241bcec802e7d0c6ef09aebdaebd4f112d9c  i386/poppler-devel-0.4.4-1.1.i386.rpm
2f18e087f3eb11a56204ef3caaedba900ba86eb9  i386/debug/poppler-debuginfo-0.4.4-1.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
----------------------------------------------------------------------- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 4 Update: poppler-0.4.4-1.1

January 27, 2006
Chris Evans discovered several flaws in the way poppler processes PDF files

Summary

Poppler, a PDF rendering library, it's a fork of the xpdf PDF

viewer developed by Derek Noonburg of Glyph and Cog, LLC.

Chris Evans discovered several flaws in the way poppler

processes PDF files. An attacker could construct a carefully

crafted PDF file that could cause poppler to crash or possibly

execute arbitrary code when opened. The Common

Vulnerabilities and Exposures project assigned the names

CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and

CVE-2005-3627 to these issues.

- Update to 0.4.4 release and drop poppler-0.4.3-CVE-2005-3191.patch.

3690ab8e7d8e717f6fe2580a81738c579996357f SRPMS/poppler-0.4.4-1.1.src.rpm

1597b8461a8bd1972aee62d4e1b2027dcf2bbc42 ppc/poppler-0.4.4-1.1.ppc.rpm

363d5fcff948292d5f60663309df7bd147ddb7e7 ppc/poppler-devel-0.4.4-1.1.ppc.rpm

e372992802a3e1867dcbab31e4a69720065809c8 ppc/debug/poppler-debuginfo-0.4.4-1.1.ppc.rpm

6c30672e65b4f257812f0a6c1e4443aa8354e687 x86_64/poppler-0.4.4-1.1.x86_64.rpm

9ad63986347bb0de8cadb1fca0df69d865cbef4a x86_64/poppler-devel-0.4.4-1.1.x86_64.rpm

ed87f5deb75bcef2cfe15d2ea5a33991eb4227cb x86_64/debug/poppler-debuginfo-0.4.4-1.1.x86_64.rpm

1571c13ca07473bf880dad9712c2505fdf7d4e71 i386/poppler-0.4.4-1.1.i386.rpm

798f241bcec802e7d0c6ef09aebdaebd4f112d9c i386/poppler-devel-0.4.4-1.1.i386.rpm

2f18e087f3eb11a56204ef3caaedba900ba86eb9 i386/debug/poppler-debuginfo-0.4.4-1.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list mailing list

fedora-announce-list@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2005-026 2006-01-10 Name : poppler Version : 0.4.4 Release : 1.1 Summary : PDF rendering library Description : Poppler, a PDF rendering library, it's a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. Chris Evans discovered several flaws in the way poppler processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues. - Update to 0.4.4 release and drop poppler-0.4.3-CVE-2005-3191.patch. 3690ab8e7d8e717f6fe2580a81738c579996357f SRPMS/poppler-0.4.4-1.1.src.rpm 1597b8461a8bd1972aee62d4e1b2027dcf2bbc42 ppc/poppler-0.4.4-1.1.ppc.rpm 363d5fcff948292d5f60663309df7bd147ddb7e7 ppc/poppler-devel-0.4.4-1.1.ppc.rpm e372992802a3e1867dcbab31e4a69720065809c8 ppc/debug/poppler-debuginfo-0.4.4-1.1.ppc.rpm 6c30672e65b4f257812f0a6c1e4443aa8354e687 x86_64/poppler-0.4.4-1.1.x86_64.rpm 9ad63986347bb0de8cadb1fca0df69d865cbef4a x86_64/poppler-devel-0.4.4-1.1.x86_64.rpm ed87f5deb75bcef2cfe15d2ea5a33991eb4227cb x86_64/debug/poppler-debuginfo-0.4.4-1.1.x86_64.rpm 1571c13ca07473bf880dad9712c2505fdf7d4e71 i386/poppler-0.4.4-1.1.i386.rpm 798f241bcec802e7d0c6ef09aebdaebd4f112d9c i386/poppler-devel-0.4.4-1.1.i386.rpm 2f18e087f3eb11a56204ef3caaedba900ba86eb9 i386/debug/poppler-debuginfo-0.4.4-1.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. fedora-announce-list mailing list fedora-announce-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : poppler
Version : 0.4.4
Release : 1.1
Summary : PDF rendering library

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved