Fedora Core 3 Update: tetex-2.0.2-21.7.FC3 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

How strictly do your users obey your security policies?

	To the letter.
	For the most part.
	When it suits them.
	By chance.
	Not at all.

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Advisory Watch: November 21st, 2008

Linux Security Week: November 17th, 2008

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora Core 3 Update: tetex-2.0.2-21.7.FC3

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-029
2006-01-12
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : tetex
Version     : 2.0.2                      
Release     : 21.7.FC3                  
Summary     : The TeX text formatting system.
Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting
package like LaTeX or PlainTeX, since TeX by itself is not very
user-friendly.

Install tetex if you want to use the TeX text formatting system. If
you are installing tetex, you will also need to install tetex-afm (a
PostScript(TM) font converter for TeX),
tetex-dvips (for converting .dvi files to PostScript format
for printing on PostScript printers), tetex-latex (a higher level
formatting package which provides an easier-to-use interface for TeX),
and tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.

---------------------------------------------------------------------
Update Information:

Several flaws were discovered in the way teTeX processes PDF
files. An attacker could construct a carefully crafted PDF
file that could cause poppler to crash or possibly execute
arbitrary code when opened.

The Common Vulnerabilities and Exposures project assigned
the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and
CVE-2005-3627 to these issues.
---------------------------------------------------------------------
* Wed Jan 11 2006 Jindrich Novy  2.0.2-21.7.FC3
- apply additional patch to fix xpdf flaws from Ludwig Nussel
  (CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193) (#177128)
* Mon Dec 19 2005 Jindrich Novy  2.0.2-21.6
- apply more complete fix for CVE-2005-3193 (#175110) suggested by
  security response team, taken from xpdf

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

cf7ccd06a85a2a3eaa876706971fe32f5cba66b9  SRPMS/tetex-2.0.2-21.7.FC3.src.rpm
c4b3207cd02981b2c6f96ad2e27e2c882664c444  x86_64/tetex-2.0.2-21.7.FC3.x86_64.rpm
cfe7477d6307af610983d7b3b4bd8ab1b23026bc  x86_64/tetex-latex-2.0.2-21.7.FC3.x86_64.rpm
6de73df47b772f7631692c4c392a02a32630acc4  x86_64/tetex-xdvi-2.0.2-21.7.FC3.x86_64.rpm
ec4cc2f62901e9714f5fc0a1e482ac87868a38e3  x86_64/tetex-dvips-2.0.2-21.7.FC3.x86_64.rpm
7b7380a14999d0fb2ea794cf48afea1bf4fcb608  x86_64/tetex-afm-2.0.2-21.7.FC3.x86_64.rpm
5f58c8f32f80ae9f3940918cb77dc4145ac87d15  x86_64/tetex-fonts-2.0.2-21.7.FC3.x86_64.rpm
8269c2c6f763acc64d4b7230b3e2b9e30de0e5e6  x86_64/tetex-doc-2.0.2-21.7.FC3.x86_64.rpm
fa6a0fe488ddca27adddf8fd8e86efd5d3c96702  x86_64/debug/tetex-debuginfo-2.0.2-21.7.FC3.x86_64.rpm
0199f223161ef36cc20d6c8d3975bc93cf5b859a  i386/tetex-2.0.2-21.7.FC3.i386.rpm
ebf60610fcb7883a7fd51fc9149ca0ce39c25f88  i386/tetex-latex-2.0.2-21.7.FC3.i386.rpm
9b33603eaf128f8175b5d6a76b11dc2a1f7938a9  i386/tetex-xdvi-2.0.2-21.7.FC3.i386.rpm
0bca7c80842a921535f9f169873bba67857a9262  i386/tetex-dvips-2.0.2-21.7.FC3.i386.rpm
b10d1f4ab980b22f1b8c2998bba514294438e3e4  i386/tetex-afm-2.0.2-21.7.FC3.i386.rpm
439315089cf95886e7e93531df42779a5b3c9225  i386/tetex-fonts-2.0.2-21.7.FC3.i386.rpm
26316d94c329dbc63f732451cd92eac25a376bed  i386/tetex-doc-2.0.2-21.7.FC3.i386.rpm
62428a292a5e896a2e13e95ad6dc58be9559af9e  i386/debug/tetex-debuginfo-2.0.2-21.7.FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list

< Prev		Next >

Partner:

Latest Features

A Secure Nagios Server

Never Installed a Firewall on Ubuntu? Try Firestarter

Review: Hacking Exposed Linux, Third Edition

Security Features of Firefox 3.0

Review: The Book of Wireless

April 2008 Open Source Tool of the Month: sudo

Open Source Tool of March: ZoneMinder

Yesterday's Edition

Plaintext Recovery Attack Against SSH

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
Security Projects , Latest News , Newsletters , SELinux , Privacy , Home,
Hardening , About Us, Advertise, Legal Notice, RSS, Guardian Digital