RHSA-2005:671 - Security Advisory
kdegraphics security update
Security Advisory: Moderate
Updated kdegraphics packages that resolve a security issue in kpdf are now
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.
A flaw was discovered in kpdf. An attacker could construct a carefully
crafted PDF file that would cause kpdf to consume all available disk space
in /tmp when opened. The Common Vulnerabilities and Exposures project
assigned the name CAN-2005-2097 to this issue.
Note this issue does not affect Red Hat Enterprise Linux 3 or 2.1.
Users of kpdf should upgrade to these updated packages, which contains a
backported patch to resolve this issue.
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
- BZ - 163925 - CAN-2005-2097 kpdf DoS
Red Hat Enterprise Linux for Power, big endian 4