gpdf security update

2006-01-12T05:08:16
ID CESA-2006:0177
Type centos
Reporter CentOS Project
Modified 2006-01-12T13:20:38

Description

CentOS Errata and Security Advisory CESA-2006:0177

gpdf is a GNOME based viewer for Portable Document Format (PDF) files.

Chris Evans discovered several flaws in the way gpdf processes PDF files. An attacker could construct a carefully crafted PDF file that could cause gpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.

Users of gpdf should upgrade to this updated package, which contains a backported patch to resolve these issues.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2006-January/024603.html http://lists.centos.org/pipermail/centos-announce/2006-January/024604.html http://lists.centos.org/pipermail/centos-announce/2006-January/024605.html http://lists.centos.org/pipermail/centos-announce/2006-January/024611.html http://lists.centos.org/pipermail/centos-announce/2006-January/024612.html

Affected packages: gpdf

Upstream details at: https://rhn.redhat.com/errata/RHSA-2006-0177.html