[SECURITY] Fedora 11 Update: pdfedit-0.4.3-4.fc11

updates at fedoraproject.org updates at fedoraproject.org
Sat Feb 20 00:24:10 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-1842
2010-02-19 23:55:29
--------------------------------------------------------------------------------

Name        : pdfedit
Product     : Fedora 11
Version     : 0.4.3
Release     : 4.fc11
URL         : http://sourceforge.net/projects/pdfedit/
Summary     : A complete pdf document editing solution
Description :
Free pdf editing using PdfEdit. Complete editing of pdf documents is made
possible with PDFedit. You can change either raw pdf objects (for advanced
users) or use predefined gui functions. Functions can be easily added as
everything is based on a script.

--------------------------------------------------------------------------------
Update Information:

Add patch from upstream to fix several security issues in xpdf code:
CVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608,
CVE-2009-3609
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 17 2010 Orion Poplawski <orion at cora.nwra.com> - 0.4.3-4
- Add patch from upstream to fix several security issues in xpdf code:
  CVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, 
  CVE-2009-3609
* Mon Feb 15 2010 Orion Poplawski <orion at cora.nwra.com> - 0.4.3-3
- Add patch from upstream to fix zlib link issue (bug #565061)
- Remove old configure option
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jul 21 2009 Bernard Johnson <bjohnson at symetrix.com> - 0.4.3-1
- 0.4.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #495907 - CVE-2009-1188 xpdf/poppler: SplashBitmap integer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=495907
  [ 2 ] Bug #526911 - CVE-2009-3604 xpdf/poppler: Splash::drawImage integer overflow and missing allocation return value check
        https://bugzilla.redhat.com/show_bug.cgi?id=526911
  [ 3 ] Bug #526877 - CVE-2009-3606 xpdf/poppler: PSOutputDev::doImageL1Sep integer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=526877
  [ 4 ] Bug #526637 - CVE-2009-3608 xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016)
        https://bugzilla.redhat.com/show_bug.cgi?id=526637
  [ 5 ] Bug #526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=526893
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update pdfedit' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list