Skip to navigation

Security Advisory Important: kdegraphics security update

Advisory: RHSA-2007:0729-2
Type: Security Advisory
Severity: Important
Issued on: 2007-07-30
Last updated on: 2007-07-30
Affected Products: RHEL Desktop Workstation (v. 5 client)
RHEL Optional Productivity Applications (v. 5 server)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.5.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.5.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2007-3387

Details

Updated kdegraphics packages that fix a security issue in PDF handling are
now available for Red Hat Enterprise Linux 4, and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a PDF file viewer.

Maurycy Prodeus discovered an integer overflow flaw in the processing
of PDF files. An attacker could create a malicious PDF file that would
cause kpdf to crash or potentially execute arbitrary code when opened.
(CVE-2007-3387)

All users of kdegraphics should upgrade to these updated packages, which
contain a backported patch to resolve this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
kdegraphics-3.5.4-2.el5.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: 449672b607d1b707bdc3bab763b4828e
 
IA-32:
kdegraphics-devel-3.5.4-2.el5.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 98ce8d56bf736e4fea3489797ff7f349
 
x86_64:
kdegraphics-devel-3.5.4-2.el5.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 98ce8d56bf736e4fea3489797ff7f349
kdegraphics-devel-3.5.4-2.el5.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: 72a9c49a87f2fc072084cb51c4c7caea
 
RHEL Optional Productivity Applications (v. 5 server)

SRPMS:
kdegraphics-3.5.4-2.el5.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: 449672b607d1b707bdc3bab763b4828e
 
IA-32:
kdegraphics-3.5.4-2.el5.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 26f52902c9f59744d25620f281eb47b8
kdegraphics-devel-3.5.4-2.el5.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 98ce8d56bf736e4fea3489797ff7f349
 
x86_64:
kdegraphics-3.5.4-2.el5.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: f3c5a0c8328efe296bfaa1841fafca7b
kdegraphics-devel-3.5.4-2.el5.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 98ce8d56bf736e4fea3489797ff7f349
kdegraphics-devel-3.5.4-2.el5.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: 72a9c49a87f2fc072084cb51c4c7caea
 
Red Hat Desktop (v. 4)

SRPMS:
kdegraphics-3.3.1-4.RHEL4.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: b78ba0835fce93f721febd51318c1db6
 
IA-32:
kdegraphics-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 88544438bb972a546c374cbcb53f8956
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 178baf61f8c682d2ba9d9031afa23657
 
x86_64:
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: ca58ec39be68af1a6cacb443a3fc5615
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: da78236e6660e3bf558f923aa3bb59f9
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
kdegraphics-3.3.1-4.RHEL4.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: b78ba0835fce93f721febd51318c1db6
 
IA-32:
kdegraphics-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 88544438bb972a546c374cbcb53f8956
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 178baf61f8c682d2ba9d9031afa23657
 
IA-64:
kdegraphics-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2010:0753
    MD5: b114dcd33743deb25c856ea3cf7b545a
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2010:0753
    MD5: 3381a1ff9e438b77d4905f9803c05b42
 
PPC:
kdegraphics-3.3.1-4.RHEL4.ppc.rpm
File outdated by:  RHSA-2010:0753
    MD5: edab6a600164ee482d1d55171120c07b
kdegraphics-devel-3.3.1-4.RHEL4.ppc.rpm
File outdated by:  RHSA-2010:0753
    MD5: ca631d25d2471b473a33bde34f13d405
 
s390:
kdegraphics-3.3.1-4.RHEL4.s390.rpm
File outdated by:  RHSA-2010:0753
    MD5: 2cf1fe87e50f7f480ac2321e47adf907
kdegraphics-devel-3.3.1-4.RHEL4.s390.rpm
File outdated by:  RHSA-2010:0753
    MD5: ff1a5a0c545d4118f6aee59aaa3d57dc
 
s390x:
kdegraphics-3.3.1-4.RHEL4.s390x.rpm
File outdated by:  RHSA-2010:0753
    MD5: 8eed01e12376df9e2f924338882e1e5a
kdegraphics-devel-3.3.1-4.RHEL4.s390x.rpm
File outdated by:  RHSA-2010:0753
    MD5: 9361e2e1aac6fa7974e164a7a57c9688
 
x86_64:
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: ca58ec39be68af1a6cacb443a3fc5615
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: da78236e6660e3bf558f923aa3bb59f9
 
Red Hat Enterprise Linux AS (v. 4.5.z)

SRPMS:
kdegraphics-3.3.1-4.RHEL4.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: b78ba0835fce93f721febd51318c1db6
 
IA-32:
kdegraphics-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2007:1024
    MD5: 88544438bb972a546c374cbcb53f8956
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2007:1024
    MD5: 178baf61f8c682d2ba9d9031afa23657
 
IA-64:
kdegraphics-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2007:1024
    MD5: b114dcd33743deb25c856ea3cf7b545a
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2007:1024
    MD5: 3381a1ff9e438b77d4905f9803c05b42
 
PPC:
kdegraphics-3.3.1-4.RHEL4.ppc.rpm
File outdated by:  RHSA-2007:1024
    MD5: edab6a600164ee482d1d55171120c07b
kdegraphics-devel-3.3.1-4.RHEL4.ppc.rpm
File outdated by:  RHSA-2007:1024
    MD5: ca631d25d2471b473a33bde34f13d405
 
s390:
kdegraphics-3.3.1-4.RHEL4.s390.rpm
File outdated by:  RHSA-2007:1024
    MD5: 2cf1fe87e50f7f480ac2321e47adf907
kdegraphics-devel-3.3.1-4.RHEL4.s390.rpm
File outdated by:  RHSA-2007:1024
    MD5: ff1a5a0c545d4118f6aee59aaa3d57dc
 
s390x:
kdegraphics-3.3.1-4.RHEL4.s390x.rpm
File outdated by:  RHSA-2007:1024
    MD5: 8eed01e12376df9e2f924338882e1e5a
kdegraphics-devel-3.3.1-4.RHEL4.s390x.rpm
File outdated by:  RHSA-2007:1024
    MD5: 9361e2e1aac6fa7974e164a7a57c9688
 
x86_64:
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2007:1024
    MD5: ca58ec39be68af1a6cacb443a3fc5615
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2007:1024
    MD5: da78236e6660e3bf558f923aa3bb59f9
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
kdegraphics-3.5.4-2.el5.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: 449672b607d1b707bdc3bab763b4828e
 
IA-32:
kdegraphics-3.5.4-2.el5.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 26f52902c9f59744d25620f281eb47b8
 
x86_64:
kdegraphics-3.5.4-2.el5.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: f3c5a0c8328efe296bfaa1841fafca7b
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
kdegraphics-3.3.1-4.RHEL4.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: b78ba0835fce93f721febd51318c1db6
 
IA-32:
kdegraphics-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 88544438bb972a546c374cbcb53f8956
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 178baf61f8c682d2ba9d9031afa23657
 
IA-64:
kdegraphics-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2010:0753
    MD5: b114dcd33743deb25c856ea3cf7b545a
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2010:0753
    MD5: 3381a1ff9e438b77d4905f9803c05b42
 
x86_64:
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: ca58ec39be68af1a6cacb443a3fc5615
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: da78236e6660e3bf558f923aa3bb59f9
 
Red Hat Enterprise Linux ES (v. 4.5.z)

SRPMS:
kdegraphics-3.3.1-4.RHEL4.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: b78ba0835fce93f721febd51318c1db6
 
IA-32:
kdegraphics-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2007:1024
    MD5: 88544438bb972a546c374cbcb53f8956
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2007:1024
    MD5: 178baf61f8c682d2ba9d9031afa23657
 
IA-64:
kdegraphics-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2007:1024
    MD5: b114dcd33743deb25c856ea3cf7b545a
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2007:1024
    MD5: 3381a1ff9e438b77d4905f9803c05b42
 
x86_64:
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2007:1024
    MD5: ca58ec39be68af1a6cacb443a3fc5615
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2007:1024
    MD5: da78236e6660e3bf558f923aa3bb59f9
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
kdegraphics-3.3.1-4.RHEL4.src.rpm
File outdated by:  RHSA-2010:0753
    MD5: b78ba0835fce93f721febd51318c1db6
 
IA-32:
kdegraphics-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 88544438bb972a546c374cbcb53f8956
kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm
File outdated by:  RHSA-2010:0753
    MD5: 178baf61f8c682d2ba9d9031afa23657
 
IA-64:
kdegraphics-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2010:0753
    MD5: b114dcd33743deb25c856ea3cf7b545a
kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm
File outdated by:  RHSA-2010:0753
    MD5: 3381a1ff9e438b77d4905f9803c05b42
 
x86_64:
kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: ca58ec39be68af1a6cacb443a3fc5615
kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm
File outdated by:  RHSA-2010:0753
    MD5: da78236e6660e3bf558f923aa3bb59f9
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

248194 - CVE-2007-3387 xpdf integer overflow


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/