CentOS Errata and Security Advisory CESA-2006:0177
gpdf is a GNOME based viewer for Portable Document Format (PDF) files.
Chris Evans discovered several flaws in the way gpdf processes PDF files. An attacker could construct a carefully crafted PDF file that could cause gpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.
Users of gpdf should upgrade to this updated package, which contains a backported patch to resolve these issues.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2006-January/024603.html http://lists.centos.org/pipermail/centos-announce/2006-January/024604.html http://lists.centos.org/pipermail/centos-announce/2006-January/024605.html http://lists.centos.org/pipermail/centos-announce/2006-January/024611.html http://lists.centos.org/pipermail/centos-announce/2006-January/024612.html
Affected packages: gpdf
Upstream details at: https://rhn.redhat.com/errata/RHSA-2006-0177.html