Red Hat Product Errata RHSA-2006:0262 - Security Advisory
Issued:
2006-03-09
Updated:
2006-03-09

RHSA-2006:0262 - Security Advisory

Synopsis

kdegraphics security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kdegraphics packages that fully resolve a security issue in kpdf
are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a PDF file viewer.

Marcelo Ricardo Leitner discovered that a kpdf security fix, CVE-2005-3627,
was incomplete. Red Hat issued kdegraphics packages with this incomplete
fix in RHSA-2005:868. An attacker could construct a carefully crafted PDF
file that could cause kpdf to crash or possibly execute arbitrary code when
opened. The Common Vulnerabilities and Exposures project assigned the name
CVE-2006-0746 to this issue.

Users of kpdf should upgrade to these updated packages, which contain a
backported patch to resolve this issue.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

Red Hat Enterprise Linux Server 4

SRPM
kdegraphics-3.3.1-3.9.src.rpm SHA-256: 9ec11a2859ecd256ad61cc82908130ce1012a33de34632efdb9626b26b1997a5
x86_64
kdegraphics-3.3.1-3.9.x86_64.rpm SHA-256: 0f18a9129fbda3d5717d0035458a51414cfd75ceb3a82df4bbb06dab8d81208f
kdegraphics-3.3.1-3.9.x86_64.rpm SHA-256: 0f18a9129fbda3d5717d0035458a51414cfd75ceb3a82df4bbb06dab8d81208f
kdegraphics-devel-3.3.1-3.9.x86_64.rpm SHA-256: 815140e3023425a35325efc5003a16b08c706abb10b72a388f703c1ceab8089e
kdegraphics-devel-3.3.1-3.9.x86_64.rpm SHA-256: 815140e3023425a35325efc5003a16b08c706abb10b72a388f703c1ceab8089e
ia64
kdegraphics-3.3.1-3.9.ia64.rpm SHA-256: e9ec99f6fa60a4ca6f5fe71d4f6fd5ef776c512fc069787a8bb31e8654ff8173
kdegraphics-3.3.1-3.9.ia64.rpm SHA-256: e9ec99f6fa60a4ca6f5fe71d4f6fd5ef776c512fc069787a8bb31e8654ff8173
kdegraphics-devel-3.3.1-3.9.ia64.rpm SHA-256: e15e0d031fd3a0907c1270a8cc9101d7ca1e427f64f319b3deb13a6b47d20fa8
kdegraphics-devel-3.3.1-3.9.ia64.rpm SHA-256: e15e0d031fd3a0907c1270a8cc9101d7ca1e427f64f319b3deb13a6b47d20fa8
i386
kdegraphics-3.3.1-3.9.i386.rpm SHA-256: e63f87fd3f949b8372bbdf22a048d8694d6223e4762c8d5a52040a24cd98333e
kdegraphics-3.3.1-3.9.i386.rpm SHA-256: e63f87fd3f949b8372bbdf22a048d8694d6223e4762c8d5a52040a24cd98333e
kdegraphics-devel-3.3.1-3.9.i386.rpm SHA-256: ff1f1d08e2bc780fdd774e04f08ab679bca6977533ae9f93cc56a047c82fbfdb
kdegraphics-devel-3.3.1-3.9.i386.rpm SHA-256: ff1f1d08e2bc780fdd774e04f08ab679bca6977533ae9f93cc56a047c82fbfdb

Red Hat Enterprise Linux Workstation 4

SRPM
kdegraphics-3.3.1-3.9.src.rpm SHA-256: 9ec11a2859ecd256ad61cc82908130ce1012a33de34632efdb9626b26b1997a5
x86_64
kdegraphics-3.3.1-3.9.x86_64.rpm SHA-256: 0f18a9129fbda3d5717d0035458a51414cfd75ceb3a82df4bbb06dab8d81208f
kdegraphics-devel-3.3.1-3.9.x86_64.rpm SHA-256: 815140e3023425a35325efc5003a16b08c706abb10b72a388f703c1ceab8089e
ia64
kdegraphics-3.3.1-3.9.ia64.rpm SHA-256: e9ec99f6fa60a4ca6f5fe71d4f6fd5ef776c512fc069787a8bb31e8654ff8173
kdegraphics-devel-3.3.1-3.9.ia64.rpm SHA-256: e15e0d031fd3a0907c1270a8cc9101d7ca1e427f64f319b3deb13a6b47d20fa8
i386
kdegraphics-3.3.1-3.9.i386.rpm SHA-256: e63f87fd3f949b8372bbdf22a048d8694d6223e4762c8d5a52040a24cd98333e
kdegraphics-devel-3.3.1-3.9.i386.rpm SHA-256: ff1f1d08e2bc780fdd774e04f08ab679bca6977533ae9f93cc56a047c82fbfdb

Red Hat Enterprise Linux Desktop 4

SRPM
kdegraphics-3.3.1-3.9.src.rpm SHA-256: 9ec11a2859ecd256ad61cc82908130ce1012a33de34632efdb9626b26b1997a5
x86_64
kdegraphics-3.3.1-3.9.x86_64.rpm SHA-256: 0f18a9129fbda3d5717d0035458a51414cfd75ceb3a82df4bbb06dab8d81208f
kdegraphics-devel-3.3.1-3.9.x86_64.rpm SHA-256: 815140e3023425a35325efc5003a16b08c706abb10b72a388f703c1ceab8089e
i386
kdegraphics-3.3.1-3.9.i386.rpm SHA-256: e63f87fd3f949b8372bbdf22a048d8694d6223e4762c8d5a52040a24cd98333e
kdegraphics-devel-3.3.1-3.9.i386.rpm SHA-256: ff1f1d08e2bc780fdd774e04f08ab679bca6977533ae9f93cc56a047c82fbfdb

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
kdegraphics-3.3.1-3.9.src.rpm SHA-256: 9ec11a2859ecd256ad61cc82908130ce1012a33de34632efdb9626b26b1997a5
s390x
kdegraphics-3.3.1-3.9.s390x.rpm SHA-256: 703e3b042df2b626bc8b97cbb56037f5e6730e06ca93100204997a41e8e48268
kdegraphics-devel-3.3.1-3.9.s390x.rpm SHA-256: 4139a5ae437ee546db502aa497b2df6515b31ea7a42dde50f9160b3631be8b8c
s390
kdegraphics-3.3.1-3.9.s390.rpm SHA-256: 6f403a309877cdc9691319667d027ddb9e97b195e26f11e88bd1c16ab8fead2c
kdegraphics-devel-3.3.1-3.9.s390.rpm SHA-256: aaef64e0084c24d1201a4cf807dddcf8f310ef5becaf66079c29e5ffa7e9df4c

Red Hat Enterprise Linux for Power, big endian 4

SRPM
kdegraphics-3.3.1-3.9.src.rpm SHA-256: 9ec11a2859ecd256ad61cc82908130ce1012a33de34632efdb9626b26b1997a5
ppc
kdegraphics-3.3.1-3.9.ppc.rpm SHA-256: 815995445f0aa705495f31a8603f2beaece74af8fd543a209854d06f9c7d4517
kdegraphics-devel-3.3.1-3.9.ppc.rpm SHA-256: ec92c87ab02478edebc132f710352c985cf3c815738e05f878404ccbf699def1

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.