LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora Core 3 Update: tetex-2.0.2-21.7.FC3 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-029
2006-01-12
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : tetex
Version     : 2.0.2                      
Release     : 21.7.FC3                  
Summary     : The TeX text formatting system.
Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting
package like LaTeX or PlainTeX, since TeX by itself is not very
user-friendly.

Install tetex if you want to use the TeX text formatting system. If
you are installing tetex, you will also need to install tetex-afm (a
PostScript(TM) font converter for TeX),
tetex-dvips (for converting .dvi files to PostScript format
for printing on PostScript printers), tetex-latex (a higher level
formatting package which provides an easier-to-use interface for TeX),
and tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.

---------------------------------------------------------------------
Update Information:

Several flaws were discovered in the way teTeX processes PDF
files. An attacker could construct a carefully crafted PDF
file that could cause poppler to crash or possibly execute
arbitrary code when opened.

The Common Vulnerabilities and Exposures project assigned
the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and
CVE-2005-3627 to these issues.
---------------------------------------------------------------------
* Wed Jan 11 2006 Jindrich Novy  2.0.2-21.7.FC3
- apply additional patch to fix xpdf flaws from Ludwig Nussel
  (CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193) (#177128)
* Mon Dec 19 2005 Jindrich Novy  2.0.2-21.6
- apply more complete fix for CVE-2005-3193 (#175110) suggested by
  security response team, taken from xpdf

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

cf7ccd06a85a2a3eaa876706971fe32f5cba66b9  SRPMS/tetex-2.0.2-21.7.FC3.src.rpm
c4b3207cd02981b2c6f96ad2e27e2c882664c444  x86_64/tetex-2.0.2-21.7.FC3.x86_64.rpm
cfe7477d6307af610983d7b3b4bd8ab1b23026bc  x86_64/tetex-latex-2.0.2-21.7.FC3.x86_64.rpm
6de73df47b772f7631692c4c392a02a32630acc4  x86_64/tetex-xdvi-2.0.2-21.7.FC3.x86_64.rpm
ec4cc2f62901e9714f5fc0a1e482ac87868a38e3  x86_64/tetex-dvips-2.0.2-21.7.FC3.x86_64.rpm
7b7380a14999d0fb2ea794cf48afea1bf4fcb608  x86_64/tetex-afm-2.0.2-21.7.FC3.x86_64.rpm
5f58c8f32f80ae9f3940918cb77dc4145ac87d15  x86_64/tetex-fonts-2.0.2-21.7.FC3.x86_64.rpm
8269c2c6f763acc64d4b7230b3e2b9e30de0e5e6  x86_64/tetex-doc-2.0.2-21.7.FC3.x86_64.rpm
fa6a0fe488ddca27adddf8fd8e86efd5d3c96702  x86_64/debug/tetex-debuginfo-2.0.2-21.7.FC3.x86_64.rpm
0199f223161ef36cc20d6c8d3975bc93cf5b859a  i386/tetex-2.0.2-21.7.FC3.i386.rpm
ebf60610fcb7883a7fd51fc9149ca0ce39c25f88  i386/tetex-latex-2.0.2-21.7.FC3.i386.rpm
9b33603eaf128f8175b5d6a76b11dc2a1f7938a9  i386/tetex-xdvi-2.0.2-21.7.FC3.i386.rpm
0bca7c80842a921535f9f169873bba67857a9262  i386/tetex-dvips-2.0.2-21.7.FC3.i386.rpm
b10d1f4ab980b22f1b8c2998bba514294438e3e4  i386/tetex-afm-2.0.2-21.7.FC3.i386.rpm
439315089cf95886e7e93531df42779a5b3c9225  i386/tetex-fonts-2.0.2-21.7.FC3.i386.rpm
26316d94c329dbc63f732451cd92eac25a376bed  i386/tetex-doc-2.0.2-21.7.FC3.i386.rpm
62428a292a5e896a2e13e95ad6dc58be9559af9e  i386/debug/tetex-debuginfo-2.0.2-21.7.FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers encrypted the entire City of Detroit DataBase & demanded ransom of 2000 bitcoins ($803,500)
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.