Red Hat Product Errata RHSA-2006:0206 - Security Advisory
Issued:
2006-02-13
Updated:
2006-02-13

RHSA-2006:0206 - Security Advisory

Synopsis

kdegraphics security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kdegraphics packages that resolve a security issue in kpdf are now
available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.

A heap based buffer overflow bug was discovered in kpdf. An attacker could
construct a carefully crafted PDF file that could cause kpdf to crash or
possibly execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project assigned the name CVE-2006-0301 to this issue.

Users of kpdf should upgrade to these updated packages, which contain a
backported patch to resolve this issue.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

  • BZ - 179055 - CVE-2006-0301 PDF splash handling heap overflow

References

(none)

Red Hat Enterprise Linux Server 4

SRPM
kdegraphics-3.3.1-3.7.src.rpm SHA-256: cdcb65c3f6d1b1d7781955af725f03ead5f27cbea43cd46271c24e1490f647a8
x86_64
kdegraphics-3.3.1-3.7.x86_64.rpm SHA-256: 767d3efb6ec22e03a169ead46b6fc5f1e343a7ac8e7d774ec120698ff42a4a90
kdegraphics-3.3.1-3.7.x86_64.rpm SHA-256: 767d3efb6ec22e03a169ead46b6fc5f1e343a7ac8e7d774ec120698ff42a4a90
kdegraphics-devel-3.3.1-3.7.x86_64.rpm SHA-256: a6333cfe763a746aa7e649c71c5c019891781379265f46f0837d25dea5eb2d99
kdegraphics-devel-3.3.1-3.7.x86_64.rpm SHA-256: a6333cfe763a746aa7e649c71c5c019891781379265f46f0837d25dea5eb2d99
ia64
kdegraphics-3.3.1-3.7.ia64.rpm SHA-256: c83dbcfec3faa49f3b14981c9067620bbff9a3cbff4e02c6b9802a7efa8bb33d
kdegraphics-3.3.1-3.7.ia64.rpm SHA-256: c83dbcfec3faa49f3b14981c9067620bbff9a3cbff4e02c6b9802a7efa8bb33d
kdegraphics-devel-3.3.1-3.7.ia64.rpm SHA-256: c28d3f4f4902a39eaf55f49e2f31d437cccbdd806cb3d854ec206f0c76efaedf
kdegraphics-devel-3.3.1-3.7.ia64.rpm SHA-256: c28d3f4f4902a39eaf55f49e2f31d437cccbdd806cb3d854ec206f0c76efaedf
i386
kdegraphics-3.3.1-3.7.i386.rpm SHA-256: 445e67f3a2d83682f0e76406207fe974bc48e4813ee739425bdcc65e5ce10bd1
kdegraphics-3.3.1-3.7.i386.rpm SHA-256: 445e67f3a2d83682f0e76406207fe974bc48e4813ee739425bdcc65e5ce10bd1
kdegraphics-devel-3.3.1-3.7.i386.rpm SHA-256: e9d6e92eec1357dd01d340c47576ba7a8acb1bd76f8f0e52fcd42a3ad691f211
kdegraphics-devel-3.3.1-3.7.i386.rpm SHA-256: e9d6e92eec1357dd01d340c47576ba7a8acb1bd76f8f0e52fcd42a3ad691f211

Red Hat Enterprise Linux Workstation 4

SRPM
kdegraphics-3.3.1-3.7.src.rpm SHA-256: cdcb65c3f6d1b1d7781955af725f03ead5f27cbea43cd46271c24e1490f647a8
x86_64
kdegraphics-3.3.1-3.7.x86_64.rpm SHA-256: 767d3efb6ec22e03a169ead46b6fc5f1e343a7ac8e7d774ec120698ff42a4a90
kdegraphics-devel-3.3.1-3.7.x86_64.rpm SHA-256: a6333cfe763a746aa7e649c71c5c019891781379265f46f0837d25dea5eb2d99
ia64
kdegraphics-3.3.1-3.7.ia64.rpm SHA-256: c83dbcfec3faa49f3b14981c9067620bbff9a3cbff4e02c6b9802a7efa8bb33d
kdegraphics-devel-3.3.1-3.7.ia64.rpm SHA-256: c28d3f4f4902a39eaf55f49e2f31d437cccbdd806cb3d854ec206f0c76efaedf
i386
kdegraphics-3.3.1-3.7.i386.rpm SHA-256: 445e67f3a2d83682f0e76406207fe974bc48e4813ee739425bdcc65e5ce10bd1
kdegraphics-devel-3.3.1-3.7.i386.rpm SHA-256: e9d6e92eec1357dd01d340c47576ba7a8acb1bd76f8f0e52fcd42a3ad691f211

Red Hat Enterprise Linux Desktop 4

SRPM
kdegraphics-3.3.1-3.7.src.rpm SHA-256: cdcb65c3f6d1b1d7781955af725f03ead5f27cbea43cd46271c24e1490f647a8
x86_64
kdegraphics-3.3.1-3.7.x86_64.rpm SHA-256: 767d3efb6ec22e03a169ead46b6fc5f1e343a7ac8e7d774ec120698ff42a4a90
kdegraphics-devel-3.3.1-3.7.x86_64.rpm SHA-256: a6333cfe763a746aa7e649c71c5c019891781379265f46f0837d25dea5eb2d99
i386
kdegraphics-3.3.1-3.7.i386.rpm SHA-256: 445e67f3a2d83682f0e76406207fe974bc48e4813ee739425bdcc65e5ce10bd1
kdegraphics-devel-3.3.1-3.7.i386.rpm SHA-256: e9d6e92eec1357dd01d340c47576ba7a8acb1bd76f8f0e52fcd42a3ad691f211

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
kdegraphics-3.3.1-3.7.src.rpm SHA-256: cdcb65c3f6d1b1d7781955af725f03ead5f27cbea43cd46271c24e1490f647a8
s390x
kdegraphics-3.3.1-3.7.s390x.rpm SHA-256: 4eb5b38c7ee96d8d7d202ddf9c56c5bb63b5922b6ee0d008fe35f15e22e173ad
kdegraphics-devel-3.3.1-3.7.s390x.rpm SHA-256: 5bd0b4a3963e20ea195c17643434ffcd55ad2d22f0fc2747ea098527de6521c5
s390
kdegraphics-3.3.1-3.7.s390.rpm SHA-256: 044a663f2fc5f8695b5616bb23353983260dd1ed9200b0f92f0bb0bf503e68e1
kdegraphics-devel-3.3.1-3.7.s390.rpm SHA-256: b93b475f7f4a9b569f0c05da87fad742155aaeb1c6a368fa438fccdc74541caf

Red Hat Enterprise Linux for Power, big endian 4

SRPM
kdegraphics-3.3.1-3.7.src.rpm SHA-256: cdcb65c3f6d1b1d7781955af725f03ead5f27cbea43cd46271c24e1490f647a8
ppc
kdegraphics-3.3.1-3.7.ppc.rpm SHA-256: 20f6d68c8cc659af664e6ce9797be607a0177ed114c32e4ad4657ddf24cfeef7
kdegraphics-devel-3.3.1-3.7.ppc.rpm SHA-256: eb9953390a26e839622c5aa8c4da025dd984b9cebbb793414f814329c1533553

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.