Issued:
2005-12-20
Updated:
2005-12-20

RHSA-2005:868 - Security Advisory

Synopsis

kdegraphics security update

Type/Severity

Security Advisory: Important

Topic

Updated kdegraphics packages that resolve several security issues in kpdf
are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.

Several flaws were discovered in kpdf. An attacker could construct a
carefully crafted PDF file that could cause kpdf to crash or possibly
execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project assigned the names CVE-2005-3191, CVE-2005-3192, and
CVE-2005-3193 to these issues.

Users of kpdf should upgrade to these updated packages, which contain a
backported patch to resolve these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

  • BZ - 175105 - CVE-2005-3193 xpdf issues (CVE-2005-3191 CVE-2005-3192)

CVEs

References

(none)

Red Hat Enterprise Linux Server 4

SRPM
kdegraphics-3.3.1-3.6.src.rpm SHA-256: 152155fff17f966a97bba964bb5765110407a140c7a5ce0f99fffa6fddbc50ea
x86_64
kdegraphics-3.3.1-3.6.x86_64.rpm SHA-256: 92da9ed79a0bc437f71ead369a9ed569c0dffa0b8daf442f4db5f2927b986faa
kdegraphics-3.3.1-3.6.x86_64.rpm SHA-256: 92da9ed79a0bc437f71ead369a9ed569c0dffa0b8daf442f4db5f2927b986faa
kdegraphics-devel-3.3.1-3.6.x86_64.rpm SHA-256: b8bfbba8deea404b652b78ebc1f0f897b26d64f193186ee0d2ed628344053fef
kdegraphics-devel-3.3.1-3.6.x86_64.rpm SHA-256: b8bfbba8deea404b652b78ebc1f0f897b26d64f193186ee0d2ed628344053fef
ia64
kdegraphics-3.3.1-3.6.ia64.rpm SHA-256: 063206aeddacdd826e1e6e4e3f88e3e18e514c74a7a496ffdb09f5938286c6d9
kdegraphics-3.3.1-3.6.ia64.rpm SHA-256: 063206aeddacdd826e1e6e4e3f88e3e18e514c74a7a496ffdb09f5938286c6d9
kdegraphics-devel-3.3.1-3.6.ia64.rpm SHA-256: d999a6bd2360df6e10bb0749c4a928f1f0a0d76b2c355f4f1cc8cb48c3afb679
kdegraphics-devel-3.3.1-3.6.ia64.rpm SHA-256: d999a6bd2360df6e10bb0749c4a928f1f0a0d76b2c355f4f1cc8cb48c3afb679
i386
kdegraphics-3.3.1-3.6.i386.rpm SHA-256: 52510e9eac8f4b45e1c572eec2995066fc77d9ae3624493253fbda79392f5efa
kdegraphics-3.3.1-3.6.i386.rpm SHA-256: 52510e9eac8f4b45e1c572eec2995066fc77d9ae3624493253fbda79392f5efa
kdegraphics-devel-3.3.1-3.6.i386.rpm SHA-256: 27584136ed95d664fc778ffbb33905c16b15836fb850a473ded743f189e29d34
kdegraphics-devel-3.3.1-3.6.i386.rpm SHA-256: 27584136ed95d664fc778ffbb33905c16b15836fb850a473ded743f189e29d34

Red Hat Enterprise Linux Workstation 4

SRPM
kdegraphics-3.3.1-3.6.src.rpm SHA-256: 152155fff17f966a97bba964bb5765110407a140c7a5ce0f99fffa6fddbc50ea
x86_64
kdegraphics-3.3.1-3.6.x86_64.rpm SHA-256: 92da9ed79a0bc437f71ead369a9ed569c0dffa0b8daf442f4db5f2927b986faa
kdegraphics-devel-3.3.1-3.6.x86_64.rpm SHA-256: b8bfbba8deea404b652b78ebc1f0f897b26d64f193186ee0d2ed628344053fef
ia64
kdegraphics-3.3.1-3.6.ia64.rpm SHA-256: 063206aeddacdd826e1e6e4e3f88e3e18e514c74a7a496ffdb09f5938286c6d9
kdegraphics-devel-3.3.1-3.6.ia64.rpm SHA-256: d999a6bd2360df6e10bb0749c4a928f1f0a0d76b2c355f4f1cc8cb48c3afb679
i386
kdegraphics-3.3.1-3.6.i386.rpm SHA-256: 52510e9eac8f4b45e1c572eec2995066fc77d9ae3624493253fbda79392f5efa
kdegraphics-devel-3.3.1-3.6.i386.rpm SHA-256: 27584136ed95d664fc778ffbb33905c16b15836fb850a473ded743f189e29d34

Red Hat Enterprise Linux Desktop 4

SRPM
kdegraphics-3.3.1-3.6.src.rpm SHA-256: 152155fff17f966a97bba964bb5765110407a140c7a5ce0f99fffa6fddbc50ea
x86_64
kdegraphics-3.3.1-3.6.x86_64.rpm SHA-256: 92da9ed79a0bc437f71ead369a9ed569c0dffa0b8daf442f4db5f2927b986faa
kdegraphics-devel-3.3.1-3.6.x86_64.rpm SHA-256: b8bfbba8deea404b652b78ebc1f0f897b26d64f193186ee0d2ed628344053fef
i386
kdegraphics-3.3.1-3.6.i386.rpm SHA-256: 52510e9eac8f4b45e1c572eec2995066fc77d9ae3624493253fbda79392f5efa
kdegraphics-devel-3.3.1-3.6.i386.rpm SHA-256: 27584136ed95d664fc778ffbb33905c16b15836fb850a473ded743f189e29d34

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
kdegraphics-3.3.1-3.6.src.rpm SHA-256: 152155fff17f966a97bba964bb5765110407a140c7a5ce0f99fffa6fddbc50ea
s390x
kdegraphics-3.3.1-3.6.s390x.rpm SHA-256: 9c6a917324de9accf01b5a4dc6e2461345184692e0b67371dfb1abde616050ae
kdegraphics-devel-3.3.1-3.6.s390x.rpm SHA-256: c6886afd6268b6a327c9a3822e50c6046b03e9b0210858d09bf25272831576f4
s390
kdegraphics-3.3.1-3.6.s390.rpm SHA-256: 1429e7ea8220ed9d5904b23e161429b45f3267647e25b6246f89a9b6c96c50f0
kdegraphics-devel-3.3.1-3.6.s390.rpm SHA-256: ecc963c116268dd9d45575ce3027d36a374bedc6695096b15874f1214fb3ed04

Red Hat Enterprise Linux for Power, big endian 4

SRPM
kdegraphics-3.3.1-3.6.src.rpm SHA-256: 152155fff17f966a97bba964bb5765110407a140c7a5ce0f99fffa6fddbc50ea
ppc
kdegraphics-3.3.1-3.6.ppc.rpm SHA-256: 8e603f47ffb80cf11c03b1ce4813d78d967d8f88ce098cf7ed38b59301630d0f
kdegraphics-devel-3.3.1-3.6.ppc.rpm SHA-256: a7f8fd0880c92fc917e550d44f7dffb22e9a16fcedcc5fa5f4b78a77059e6345

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.