Red Hat Product Errata RHSA-2005:671 - Security Advisory

Issued:: 2005-08-09
Updated:: 2005-08-09

RHSA-2005:671 - Security Advisory

Overview
Updated Packages

Synopsis

kdegraphics security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kdegraphics packages that resolve a security issue in kpdf are now
available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.

A flaw was discovered in kpdf. An attacker could construct a carefully
crafted PDF file that would cause kpdf to consume all available disk space
in /tmp when opened. The Common Vulnerabilities and Exposures project
assigned the name CAN-2005-2097 to this issue.

Note this issue does not affect Red Hat Enterprise Linux 3 or 2.1.

Users of kpdf should upgrade to these updated packages, which contains a
backported patch to resolve this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

BZ - 163925 - CAN-2005-2097 kpdf DoS

CVEs

CVE-2005-2097

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
kdegraphics-3.3.1-3.4.src.rpm	SHA-256: f03bbf608b45028f94aacf2ad43e676332dd31c01907d900449ff6f3fb3f5803
x86_64
kdegraphics-3.3.1-3.4.x86_64.rpm	SHA-256: d1d89335194a8b659bdc3d7b0fa2a986d0f2228b7353a5e58fbcfe87eb17da40
kdegraphics-3.3.1-3.4.x86_64.rpm	SHA-256: d1d89335194a8b659bdc3d7b0fa2a986d0f2228b7353a5e58fbcfe87eb17da40
kdegraphics-devel-3.3.1-3.4.x86_64.rpm	SHA-256: 5f4892e536f5429f068bfd2585b70c813c8d737bbda2f58433a702958be25fac
kdegraphics-devel-3.3.1-3.4.x86_64.rpm	SHA-256: 5f4892e536f5429f068bfd2585b70c813c8d737bbda2f58433a702958be25fac
ia64
kdegraphics-3.3.1-3.4.ia64.rpm	SHA-256: a5f3ce01a3c9dd58ee821ef572bd9e8bc5a73c6f36cc9fd43e49290156226090
kdegraphics-3.3.1-3.4.ia64.rpm	SHA-256: a5f3ce01a3c9dd58ee821ef572bd9e8bc5a73c6f36cc9fd43e49290156226090
kdegraphics-devel-3.3.1-3.4.ia64.rpm	SHA-256: 60ef9528ab5a5ed2d0e8fc4645616c36076d59c2a15e3f2900fcab20f649cd6f
kdegraphics-devel-3.3.1-3.4.ia64.rpm	SHA-256: 60ef9528ab5a5ed2d0e8fc4645616c36076d59c2a15e3f2900fcab20f649cd6f
i386
kdegraphics-3.3.1-3.4.i386.rpm	SHA-256: b63e7aaaef9cf83b9ced88cfcdbd4c53dc56d8964cfb602aa7b522fe2f492ef4
kdegraphics-3.3.1-3.4.i386.rpm	SHA-256: b63e7aaaef9cf83b9ced88cfcdbd4c53dc56d8964cfb602aa7b522fe2f492ef4
kdegraphics-devel-3.3.1-3.4.i386.rpm	SHA-256: a7133e9044dc58c98a25854b7e533e5037d94fb225d7d6e5a3769de04536c57f
kdegraphics-devel-3.3.1-3.4.i386.rpm	SHA-256: a7133e9044dc58c98a25854b7e533e5037d94fb225d7d6e5a3769de04536c57f

Red Hat Enterprise Linux Workstation 4

SRPM
kdegraphics-3.3.1-3.4.src.rpm	SHA-256: f03bbf608b45028f94aacf2ad43e676332dd31c01907d900449ff6f3fb3f5803
x86_64
kdegraphics-3.3.1-3.4.x86_64.rpm	SHA-256: d1d89335194a8b659bdc3d7b0fa2a986d0f2228b7353a5e58fbcfe87eb17da40
kdegraphics-devel-3.3.1-3.4.x86_64.rpm	SHA-256: 5f4892e536f5429f068bfd2585b70c813c8d737bbda2f58433a702958be25fac
ia64
kdegraphics-3.3.1-3.4.ia64.rpm	SHA-256: a5f3ce01a3c9dd58ee821ef572bd9e8bc5a73c6f36cc9fd43e49290156226090
kdegraphics-devel-3.3.1-3.4.ia64.rpm	SHA-256: 60ef9528ab5a5ed2d0e8fc4645616c36076d59c2a15e3f2900fcab20f649cd6f
i386
kdegraphics-3.3.1-3.4.i386.rpm	SHA-256: b63e7aaaef9cf83b9ced88cfcdbd4c53dc56d8964cfb602aa7b522fe2f492ef4
kdegraphics-devel-3.3.1-3.4.i386.rpm	SHA-256: a7133e9044dc58c98a25854b7e533e5037d94fb225d7d6e5a3769de04536c57f

Red Hat Enterprise Linux Desktop 4

SRPM
kdegraphics-3.3.1-3.4.src.rpm	SHA-256: f03bbf608b45028f94aacf2ad43e676332dd31c01907d900449ff6f3fb3f5803
x86_64
kdegraphics-3.3.1-3.4.x86_64.rpm	SHA-256: d1d89335194a8b659bdc3d7b0fa2a986d0f2228b7353a5e58fbcfe87eb17da40
kdegraphics-devel-3.3.1-3.4.x86_64.rpm	SHA-256: 5f4892e536f5429f068bfd2585b70c813c8d737bbda2f58433a702958be25fac
i386
kdegraphics-3.3.1-3.4.i386.rpm	SHA-256: b63e7aaaef9cf83b9ced88cfcdbd4c53dc56d8964cfb602aa7b522fe2f492ef4
kdegraphics-devel-3.3.1-3.4.i386.rpm	SHA-256: a7133e9044dc58c98a25854b7e533e5037d94fb225d7d6e5a3769de04536c57f

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
kdegraphics-3.3.1-3.4.src.rpm	SHA-256: f03bbf608b45028f94aacf2ad43e676332dd31c01907d900449ff6f3fb3f5803
s390x
kdegraphics-3.3.1-3.4.s390x.rpm	SHA-256: b5d5b2edb244cbf1a9661de872618c7d7505ee9a598e6b105b0939e620f966e5
kdegraphics-devel-3.3.1-3.4.s390x.rpm	SHA-256: d8c895ef61dac7c284a6f919f9248bbe1f9136c6c9f3cee20baa3b255f08c5a6
s390
kdegraphics-3.3.1-3.4.s390.rpm	SHA-256: 6749722ff69c84fc99f746f89ee47e859d64132dccae657f17a3242230bc49f4
kdegraphics-devel-3.3.1-3.4.s390.rpm	SHA-256: f95a3e9f4db14126830ab2c263964229bb48bcccecbc94e19b603e1bf15f143d

Red Hat Enterprise Linux for Power, big endian 4

SRPM
kdegraphics-3.3.1-3.4.src.rpm	SHA-256: f03bbf608b45028f94aacf2ad43e676332dd31c01907d900449ff6f3fb3f5803
ppc
kdegraphics-3.3.1-3.4.ppc.rpm	SHA-256: bc9d2406a117ef1707c8bd990686a23a139d50c49de5e7525ef644fd881ef43a
kdegraphics-devel-3.3.1-3.4.ppc.rpm	SHA-256: 7d0a8add443f9e9afaef2c6d3b120468079e280a15e969c7563d48e7eb3f9178

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories