Red Hat Product Errata RHSA-2007:0729 - Security Advisory

Issued:: 2007-07-30
Updated:: 2007-07-30

RHSA-2007:0729 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kdegraphics security update

Type/Severity

Security Advisory: Important

Topic

Updated kdegraphics packages that fix a security issue in PDF handling are
now available for Red Hat Enterprise Linux 4, and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a PDF file viewer.

Maurycy Prodeus discovered an integer overflow flaw in the processing
of PDF files. An attacker could create a malicious PDF file that would
cause kpdf to crash or potentially execute arbitrary code when opened.
(CVE-2007-3387)

All users of kdegraphics should upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Server - Extended Update Support 4.5 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 4.5 ia64
Red Hat Enterprise Linux Server - Extended Update Support 4.5 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 248194 - CVE-2007-3387 xpdf integer overflow

CVEs

CVE-2007-3387

References

http://www.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
kdegraphics-3.5.4-2.el5.src.rpm	SHA-256: fdd8763760a40efc7e26ec9dc8ada2054955ea6715b2009aa7c36d4c3b6a5a9a
x86_64
kdegraphics-3.5.4-2.el5.x86_64.rpm	SHA-256: 9eb0e8ff0ff6f7fad609de316e00961b5787b81acfbd61a385aec2241c0548d4
kdegraphics-devel-3.5.4-2.el5.i386.rpm	SHA-256: dd8222cdd12da63949181c3a410290ef49f5e64e80de79e9140d2800b9000712
kdegraphics-devel-3.5.4-2.el5.x86_64.rpm	SHA-256: a6e0585f07eb2706de3a855b3c3c0b2ae9fe205fe48a77ad93e890235ef1704d
i386
kdegraphics-3.5.4-2.el5.i386.rpm	SHA-256: b31e9e8f60b9cb57d3b02a33ce92cca97ea29d94597fc031da95cb4132b85c6d
kdegraphics-devel-3.5.4-2.el5.i386.rpm	SHA-256: dd8222cdd12da63949181c3a410290ef49f5e64e80de79e9140d2800b9000712

Red Hat Enterprise Linux Server 4

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
x86_64
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: a8b010855d9232db6a3835ce4bd0b35912e0237571757227601f276ae4d324f7
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: a8b010855d9232db6a3835ce4bd0b35912e0237571757227601f276ae4d324f7
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: 2890be07865b0235789da90c8760c87dc29709edb33cb62624d5fa83bcfd6fd6
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: 2890be07865b0235789da90c8760c87dc29709edb33cb62624d5fa83bcfd6fd6
ia64
kdegraphics-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 94ebddf04376404b786164d28652311395aa9bd09f0a58cfa186ffc662649380
kdegraphics-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 94ebddf04376404b786164d28652311395aa9bd09f0a58cfa186ffc662649380
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 8e6890b9cf1ae1da7f04db70e43a67b95b24df2ff3930ec40146330b2945b082
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 8e6890b9cf1ae1da7f04db70e43a67b95b24df2ff3930ec40146330b2945b082
i386
kdegraphics-3.3.1-4.RHEL4.i386.rpm	SHA-256: 2d173ac0621e3e28c3d533b8004a614e4354a89b04e4a0995629c80e520a9259
kdegraphics-3.3.1-4.RHEL4.i386.rpm	SHA-256: 2d173ac0621e3e28c3d533b8004a614e4354a89b04e4a0995629c80e520a9259
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm	SHA-256: e09a404b4393d4dfdac48a67cb58d771a32f6fc3e0fb89002aa5448bad724680
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm	SHA-256: e09a404b4393d4dfdac48a67cb58d771a32f6fc3e0fb89002aa5448bad724680

Red Hat Enterprise Linux Server - Extended Update Support 4.5

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
x86_64
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: a8b010855d9232db6a3835ce4bd0b35912e0237571757227601f276ae4d324f7
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: a8b010855d9232db6a3835ce4bd0b35912e0237571757227601f276ae4d324f7
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: 2890be07865b0235789da90c8760c87dc29709edb33cb62624d5fa83bcfd6fd6
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: 2890be07865b0235789da90c8760c87dc29709edb33cb62624d5fa83bcfd6fd6
ia64
kdegraphics-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 94ebddf04376404b786164d28652311395aa9bd09f0a58cfa186ffc662649380
kdegraphics-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 94ebddf04376404b786164d28652311395aa9bd09f0a58cfa186ffc662649380
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 8e6890b9cf1ae1da7f04db70e43a67b95b24df2ff3930ec40146330b2945b082
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 8e6890b9cf1ae1da7f04db70e43a67b95b24df2ff3930ec40146330b2945b082
i386
kdegraphics-3.3.1-4.RHEL4.i386.rpm	SHA-256: 2d173ac0621e3e28c3d533b8004a614e4354a89b04e4a0995629c80e520a9259
kdegraphics-3.3.1-4.RHEL4.i386.rpm	SHA-256: 2d173ac0621e3e28c3d533b8004a614e4354a89b04e4a0995629c80e520a9259
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm	SHA-256: e09a404b4393d4dfdac48a67cb58d771a32f6fc3e0fb89002aa5448bad724680
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm	SHA-256: e09a404b4393d4dfdac48a67cb58d771a32f6fc3e0fb89002aa5448bad724680

Red Hat Enterprise Linux Workstation 5

SRPM
kdegraphics-3.5.4-2.el5.src.rpm	SHA-256: fdd8763760a40efc7e26ec9dc8ada2054955ea6715b2009aa7c36d4c3b6a5a9a
x86_64
kdegraphics-3.5.4-2.el5.x86_64.rpm	SHA-256: 9eb0e8ff0ff6f7fad609de316e00961b5787b81acfbd61a385aec2241c0548d4
kdegraphics-devel-3.5.4-2.el5.i386.rpm	SHA-256: dd8222cdd12da63949181c3a410290ef49f5e64e80de79e9140d2800b9000712
kdegraphics-devel-3.5.4-2.el5.x86_64.rpm	SHA-256: a6e0585f07eb2706de3a855b3c3c0b2ae9fe205fe48a77ad93e890235ef1704d
i386
kdegraphics-3.5.4-2.el5.i386.rpm	SHA-256: b31e9e8f60b9cb57d3b02a33ce92cca97ea29d94597fc031da95cb4132b85c6d
kdegraphics-devel-3.5.4-2.el5.i386.rpm	SHA-256: dd8222cdd12da63949181c3a410290ef49f5e64e80de79e9140d2800b9000712

Red Hat Enterprise Linux Workstation 4

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
x86_64
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: a8b010855d9232db6a3835ce4bd0b35912e0237571757227601f276ae4d324f7
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: 2890be07865b0235789da90c8760c87dc29709edb33cb62624d5fa83bcfd6fd6
ia64
kdegraphics-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 94ebddf04376404b786164d28652311395aa9bd09f0a58cfa186ffc662649380
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm	SHA-256: 8e6890b9cf1ae1da7f04db70e43a67b95b24df2ff3930ec40146330b2945b082
i386
kdegraphics-3.3.1-4.RHEL4.i386.rpm	SHA-256: 2d173ac0621e3e28c3d533b8004a614e4354a89b04e4a0995629c80e520a9259
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm	SHA-256: e09a404b4393d4dfdac48a67cb58d771a32f6fc3e0fb89002aa5448bad724680

Red Hat Enterprise Linux Desktop 5

SRPM
kdegraphics-3.5.4-2.el5.src.rpm	SHA-256: fdd8763760a40efc7e26ec9dc8ada2054955ea6715b2009aa7c36d4c3b6a5a9a
x86_64
kdegraphics-3.5.4-2.el5.x86_64.rpm	SHA-256: 9eb0e8ff0ff6f7fad609de316e00961b5787b81acfbd61a385aec2241c0548d4
i386
kdegraphics-3.5.4-2.el5.i386.rpm	SHA-256: b31e9e8f60b9cb57d3b02a33ce92cca97ea29d94597fc031da95cb4132b85c6d

Red Hat Enterprise Linux Desktop 4

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
x86_64
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: a8b010855d9232db6a3835ce4bd0b35912e0237571757227601f276ae4d324f7
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm	SHA-256: 2890be07865b0235789da90c8760c87dc29709edb33cb62624d5fa83bcfd6fd6
i386
kdegraphics-3.3.1-4.RHEL4.i386.rpm	SHA-256: 2d173ac0621e3e28c3d533b8004a614e4354a89b04e4a0995629c80e520a9259
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm	SHA-256: e09a404b4393d4dfdac48a67cb58d771a32f6fc3e0fb89002aa5448bad724680

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
s390x
kdegraphics-3.3.1-4.RHEL4.s390x.rpm	SHA-256: 12fc026a085e8f0d33cbdfe085a31990838b217cf510adb0d63e97d534171824
kdegraphics-devel-3.3.1-4.RHEL4.s390x.rpm	SHA-256: 0b1ec81762ebf256026417b9f86e08c630b494db486fe71f28c256c1ff559160
s390
kdegraphics-3.3.1-4.RHEL4.s390.rpm	SHA-256: af569d4e494290a3585f9b9c18bbd625b492e0d9ba18d55cab146db44ee427e8
kdegraphics-devel-3.3.1-4.RHEL4.s390.rpm	SHA-256: 2bc49fe0117d52ca01c6b31ad22a3d2600d34cd02db5fcec16be5342730c79a7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
s390x
kdegraphics-3.3.1-4.RHEL4.s390x.rpm	SHA-256: 12fc026a085e8f0d33cbdfe085a31990838b217cf510adb0d63e97d534171824
kdegraphics-devel-3.3.1-4.RHEL4.s390x.rpm	SHA-256: 0b1ec81762ebf256026417b9f86e08c630b494db486fe71f28c256c1ff559160
s390
kdegraphics-3.3.1-4.RHEL4.s390.rpm	SHA-256: af569d4e494290a3585f9b9c18bbd625b492e0d9ba18d55cab146db44ee427e8
kdegraphics-devel-3.3.1-4.RHEL4.s390.rpm	SHA-256: 2bc49fe0117d52ca01c6b31ad22a3d2600d34cd02db5fcec16be5342730c79a7

Red Hat Enterprise Linux for Power, big endian 4

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
ppc
kdegraphics-3.3.1-4.RHEL4.ppc.rpm	SHA-256: 6d44b20a73286a247875d384713f8833783fe4454baaeced490749ac253a30d0
kdegraphics-devel-3.3.1-4.RHEL4.ppc.rpm	SHA-256: f94a6d80519a92db46f25d80bbef72a216a7cce56ee1921f15ee23dbbbdb55a3

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5

SRPM
kdegraphics-3.3.1-4.RHEL4.src.rpm	SHA-256: 00431f3744fe4097584ac3c3b53af24cca743d86bea4622ea00f16b72ff7525a
ppc
kdegraphics-3.3.1-4.RHEL4.ppc.rpm	SHA-256: 6d44b20a73286a247875d384713f8833783fe4454baaeced490749ac253a30d0
kdegraphics-devel-3.3.1-4.RHEL4.ppc.rpm	SHA-256: f94a6d80519a92db46f25d80bbef72a216a7cce56ee1921f15ee23dbbbdb55a3

Red Hat Enterprise Linux Server from RHUI 5

SRPM
kdegraphics-3.5.4-2.el5.src.rpm	SHA-256: fdd8763760a40efc7e26ec9dc8ada2054955ea6715b2009aa7c36d4c3b6a5a9a
x86_64
kdegraphics-3.5.4-2.el5.x86_64.rpm	SHA-256: 9eb0e8ff0ff6f7fad609de316e00961b5787b81acfbd61a385aec2241c0548d4
kdegraphics-devel-3.5.4-2.el5.i386.rpm	SHA-256: dd8222cdd12da63949181c3a410290ef49f5e64e80de79e9140d2800b9000712
kdegraphics-devel-3.5.4-2.el5.x86_64.rpm	SHA-256: a6e0585f07eb2706de3a855b3c3c0b2ae9fe205fe48a77ad93e890235ef1704d
i386
kdegraphics-3.5.4-2.el5.i386.rpm	SHA-256: b31e9e8f60b9cb57d3b02a33ce92cca97ea29d94597fc031da95cb4132b85c6d
kdegraphics-devel-3.5.4-2.el5.i386.rpm	SHA-256: dd8222cdd12da63949181c3a410290ef49f5e64e80de79e9140d2800b9000712

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories