---------------------------------------------------------------------Fedora Update Notification
FEDORA-2006-103
2006-02-10
---------------------------------------------------------------------Product     : Fedora Core 4
Name        : poppler
Version     : 0.4.5                      
Release     : 1.1                  
Summary     : PDF rendering library
Description :
Poppler, a PDF rendering library, it's a fork of the xpdf PDF
viewer developed by Derek Noonburg of Glyph and Cog, LLC.

---------------------------------------------------------------------Update Information:

Heap-based buffer overflow in Splash.cc in poppler, allows
attackers to cause a denial of service and possibly execute
arbitrary code via crafted splash images that produce
certain values that exceed the width or height of the
associated bitmap.

---------------------------------------------------------------------* Thu Feb  9 2006 Kristian Høgsberg  0.4.5-1.1
- Security release: CVE-2006-0301.

---------------------------------------------------------------------This update can be downloaded from:
  
a6389ee0a029cd9d00554e895379b58141be1e9d  SRPMS/poppler-0.4.5-1.1.src.rpm
55b7d8faeda8942de95da47256dd63324826ab0d  ppc/poppler-0.4.5-1.1.ppc.rpm
4e2cf64d7b1cf1f6dcd2f4d4dec6abfe37032cbf  ppc/poppler-devel-0.4.5-1.1.ppc.rpm
b04be63e76106bb65bb7e9e1a99c74a8e973514d  ppc/debug/poppler-debuginfo-0.4.5-1.1.ppc.rpm
249b969c8751b1a53722e8264d2f3fc8fc5e9979  x86_64/poppler-0.4.5-1.1.x86_64.rpm
f5e61e706c434ad24bd6cece6affa754361d80cd  x86_64/poppler-devel-0.4.5-1.1.x86_64.rpm
cfb05d07796ee23f56ed3aa19111f875d54e4b7f  x86_64/debug/poppler-debuginfo-0.4.5-1.1.x86_64.rpm
8dc27611a2cde6baeb0d6212a88e7ad6d8035808  i386/poppler-0.4.5-1.1.i386.rpm
73f916b518fa1e32a1ecba95cf9cc36a6e2bc49a  i386/poppler-devel-0.4.5-1.1.i386.rpm
7026c75efdce668f7e35bc2332f5d516496aef1f  i386/debug/poppler-debuginfo-0.4.5-1.1.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
----------------------------------------------------------------------- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 4 Update: poppler-0.4.5-1.1

February 10, 2006
Heap-based buffer overflow in Splash.cc in poppler, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce cert...

Summary

Poppler, a PDF rendering library, it's a fork of the xpdf PDF

viewer developed by Derek Noonburg of Glyph and Cog, LLC.

Heap-based buffer overflow in Splash.cc in poppler, allows

attackers to cause a denial of service and possibly execute

arbitrary code via crafted splash images that produce

certain values that exceed the width or height of the

associated bitmap.

- Security release: CVE-2006-0301.

a6389ee0a029cd9d00554e895379b58141be1e9d SRPMS/poppler-0.4.5-1.1.src.rpm

55b7d8faeda8942de95da47256dd63324826ab0d ppc/poppler-0.4.5-1.1.ppc.rpm

4e2cf64d7b1cf1f6dcd2f4d4dec6abfe37032cbf ppc/poppler-devel-0.4.5-1.1.ppc.rpm

b04be63e76106bb65bb7e9e1a99c74a8e973514d ppc/debug/poppler-debuginfo-0.4.5-1.1.ppc.rpm

249b969c8751b1a53722e8264d2f3fc8fc5e9979 x86_64/poppler-0.4.5-1.1.x86_64.rpm

f5e61e706c434ad24bd6cece6affa754361d80cd x86_64/poppler-devel-0.4.5-1.1.x86_64.rpm

cfb05d07796ee23f56ed3aa19111f875d54e4b7f x86_64/debug/poppler-debuginfo-0.4.5-1.1.x86_64.rpm

8dc27611a2cde6baeb0d6212a88e7ad6d8035808 i386/poppler-0.4.5-1.1.i386.rpm

73f916b518fa1e32a1ecba95cf9cc36a6e2bc49a i386/poppler-devel-0.4.5-1.1.i386.rpm

7026c75efdce668f7e35bc2332f5d516496aef1f i386/debug/poppler-debuginfo-0.4.5-1.1.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2006-103 2006-02-10 Name : poppler Version : 0.4.5 Release : 1.1 Summary : PDF rendering library Description : Poppler, a PDF rendering library, it's a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. Heap-based buffer overflow in Splash.cc in poppler, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. - Security release: CVE-2006-0301. a6389ee0a029cd9d00554e895379b58141be1e9d SRPMS/poppler-0.4.5-1.1.src.rpm 55b7d8faeda8942de95da47256dd63324826ab0d ppc/poppler-0.4.5-1.1.ppc.rpm 4e2cf64d7b1cf1f6dcd2f4d4dec6abfe37032cbf ppc/poppler-devel-0.4.5-1.1.ppc.rpm b04be63e76106bb65bb7e9e1a99c74a8e973514d ppc/debug/poppler-debuginfo-0.4.5-1.1.ppc.rpm 249b969c8751b1a53722e8264d2f3fc8fc5e9979 x86_64/poppler-0.4.5-1.1.x86_64.rpm f5e61e706c434ad24bd6cece6affa754361d80cd x86_64/poppler-devel-0.4.5-1.1.x86_64.rpm cfb05d07796ee23f56ed3aa19111f875d54e4b7f x86_64/debug/poppler-debuginfo-0.4.5-1.1.x86_64.rpm 8dc27611a2cde6baeb0d6212a88e7ad6d8035808 i386/poppler-0.4.5-1.1.i386.rpm 73f916b518fa1e32a1ecba95cf9cc36a6e2bc49a i386/poppler-devel-0.4.5-1.1.i386.rpm 7026c75efdce668f7e35bc2332f5d516496aef1f i386/debug/poppler-debuginfo-0.4.5-1.1.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . fedora-announce-list mailing list fedora-announce-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : poppler
Version : 0.4.5
Release : 1.1
Summary : PDF rendering library

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved