Skip to navigation

Security Advisory Moderate: evince security update

Advisory: RHSA-2011:0009-1
Type: Security Advisory
Severity: Moderate
Issued on: 2011-01-06
Last updated on: 2011-01-06
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.0.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2010-2640
CVE-2010-2641
CVE-2010-2642
CVE-2010-2643

Details

Updated evince packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Evince is a document viewer.

An array index error was found in the DeVice Independent (DVI) renderer's
PK and VF font file parsers. A DVI file that references a specially-crafted
font file could, when opened, cause Evince to crash or, potentially,
execute arbitrary code with the privileges of the user running Evince.
(CVE-2010-2640, CVE-2010-2641)

A heap-based buffer overflow flaw was found in the DVI renderer's AFM font
file parser. A DVI file that references a specially-crafted font file
could, when opened, cause Evince to crash or, potentially, execute
arbitrary code with the privileges of the user running Evince.
(CVE-2010-2642)

An integer overflow flaw was found in the DVI renderer's TFM font file
parser. A DVI file that references a specially-crafted font file could,
when opened, cause Evince to crash or, potentially, execute arbitrary code
with the privileges of the user running Evince. (CVE-2010-2643)

Note: The above issues are not exploitable unless an attacker can trick the
user into installing a malicious font file.

Red Hat would like to thank the Evince development team for reporting these
issues. Upstream acknowledges Jon Larimer of IBM X-Force as the original
reporter of these issues.

Users are advised to upgrade to these updated packages, which contain a
backported patch to correct these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
evince-2.28.2-14.el6_0.1.src.rpm     MD5: 1f2c49d0e9c9b2e4d5af6c0320cfd695
SHA-256: dfec53d873ff6808b08ae56a5c45e1c0929c8060e6e1cf7d4478d7ff8f0bd828
 
IA-32:
evince-2.28.2-14.el6_0.1.i686.rpm     MD5: 5733fd98ec0545f68612b93a27b6804d
SHA-256: 4a8b8baec0297330c30b9864deb151af5f201d8538cd273cc65035084750f596
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-dvi-2.28.2-14.el6_0.1.i686.rpm     MD5: ddbdc78b7928c71829450809d676d18b
SHA-256: 363cb5f3c1a2216f92c2a8e54816a0f77c2ef93b4129919c07aa487fb2ba0370
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
 
x86_64:
evince-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 756be64a44df646db0b2f502fef04500
SHA-256: fcdfeda539a5a15aaa375b499b6ca63e834823ca164a2e46a3624a23d25e7ead
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-debuginfo-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 219d43bb0854635c7029ef118571c97c
SHA-256: 5f19fe0ecad22c9a1488a7fa11e7866680011e8e134677e8d199ccc68bc1d678
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-devel-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 30ada2ff738abdc8ea6c21629dbe64a5
SHA-256: 09d315b067b3df6e722f57560f956a8ba83994c54e180d0495e758f0ccae5ec4
evince-dvi-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 917f703a6f9ed53bed5e06fa33321082
SHA-256: 6f2b101b7124cda92c1e3a373515e88ec5861cfbf97cbede6f97eb43d0edc288
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
evince-libs-2.28.2-14.el6_0.1.x86_64.rpm     MD5: c42f0bc8af1ea1d2a4d7753a4fa9f388
SHA-256: 664d3409467b3cf8c4f6e79f22340fe5bfcb61b8d29b9662a8c983cf54e936c0
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
evince-2.28.2-14.el6_0.1.src.rpm     MD5: 1f2c49d0e9c9b2e4d5af6c0320cfd695
SHA-256: dfec53d873ff6808b08ae56a5c45e1c0929c8060e6e1cf7d4478d7ff8f0bd828
 
x86_64:
evince-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 756be64a44df646db0b2f502fef04500
SHA-256: fcdfeda539a5a15aaa375b499b6ca63e834823ca164a2e46a3624a23d25e7ead
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-debuginfo-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 219d43bb0854635c7029ef118571c97c
SHA-256: 5f19fe0ecad22c9a1488a7fa11e7866680011e8e134677e8d199ccc68bc1d678
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-devel-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 30ada2ff738abdc8ea6c21629dbe64a5
SHA-256: 09d315b067b3df6e722f57560f956a8ba83994c54e180d0495e758f0ccae5ec4
evince-dvi-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 917f703a6f9ed53bed5e06fa33321082
SHA-256: 6f2b101b7124cda92c1e3a373515e88ec5861cfbf97cbede6f97eb43d0edc288
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
evince-libs-2.28.2-14.el6_0.1.x86_64.rpm     MD5: c42f0bc8af1ea1d2a4d7753a4fa9f388
SHA-256: 664d3409467b3cf8c4f6e79f22340fe5bfcb61b8d29b9662a8c983cf54e936c0
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
evince-2.28.2-14.el6_0.1.src.rpm     MD5: 1f2c49d0e9c9b2e4d5af6c0320cfd695
SHA-256: dfec53d873ff6808b08ae56a5c45e1c0929c8060e6e1cf7d4478d7ff8f0bd828
 
IA-32:
evince-2.28.2-14.el6_0.1.i686.rpm     MD5: 5733fd98ec0545f68612b93a27b6804d
SHA-256: 4a8b8baec0297330c30b9864deb151af5f201d8538cd273cc65035084750f596
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-dvi-2.28.2-14.el6_0.1.i686.rpm     MD5: ddbdc78b7928c71829450809d676d18b
SHA-256: 363cb5f3c1a2216f92c2a8e54816a0f77c2ef93b4129919c07aa487fb2ba0370
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
 
PPC:
evince-2.28.2-14.el6_0.1.ppc64.rpm     MD5: a6aa5f903434f3a0e6ac31c8a37d0896
SHA-256: ae163e2b8df12620a8876e4e33919c33e9bcb4e54c39861d9f0ea870728138e5
evince-debuginfo-2.28.2-14.el6_0.1.ppc.rpm     MD5: 85f373e30211bd73445f9d06e99a4a87
SHA-256: ec06ff6cc6526f57c8fd9cb379195bbc72f26686f1631adbf575d17f4a8d3f6d
evince-debuginfo-2.28.2-14.el6_0.1.ppc64.rpm     MD5: 8328398be7c3897f8e86b9e5f7b176fc
SHA-256: 4e7590ca2f5681d58d97d2d8159269eb442451f48b65a7cb84681ca974f4636b
evince-devel-2.28.2-14.el6_0.1.ppc.rpm     MD5: d9c36327f2148fa9f506010d8d461876
SHA-256: 04f66de2733fa651e063909ae2244e9990c07021487b614ba2158fc888b76daa
evince-devel-2.28.2-14.el6_0.1.ppc64.rpm     MD5: ac205f0698537e5152df6e7b4888ee2a
SHA-256: 14488b303b3192701c5c373acc12fbbd0330306060e714152f37fcb24aa9a7c9
evince-dvi-2.28.2-14.el6_0.1.ppc64.rpm     MD5: 3a336fb7621d1c414a135de2967f620f
SHA-256: ba0681dd2110a3fdb3da7ed7224131abc9f607bdf8340a1b35c4ceae5b84fcd7
evince-libs-2.28.2-14.el6_0.1.ppc.rpm     MD5: d43671505c6396f15247658dd3f48b9b
SHA-256: 98b90d388920a5fb0ffdbdf64c71dba0627177e2f44ffbeadeb78914a24b2b35
evince-libs-2.28.2-14.el6_0.1.ppc64.rpm     MD5: 33561f35fd108da96c83dcf3a4a29f45
SHA-256: fa1ae24cedf2db6a54172f2c8ba518fad0db754f1e74d03e6407a4711595d942
 
s390x:
evince-2.28.2-14.el6_0.1.s390x.rpm     MD5: 83c6f2872a2dfd03d9fd88ccf4722a73
SHA-256: 40bcaa792631fe411b44eb066c80fa882ba7b18f202fcf93f19ad558d74d7427
evince-debuginfo-2.28.2-14.el6_0.1.s390.rpm     MD5: c068521a84de99345051a03591787914
SHA-256: aa117ff0963e7becc6873f4176f4feb91881d9e835025358bfa36f31ed43567e
evince-debuginfo-2.28.2-14.el6_0.1.s390x.rpm     MD5: 01cc698d874e5ad87a3ddd34900d7cde
SHA-256: 4a7caf90e917589ce3eab6dcf23b74060982b52aafe1b5085b87b6818dd88726
evince-devel-2.28.2-14.el6_0.1.s390.rpm     MD5: c17d7acced67e1455775be80c947d0ec
SHA-256: 8c32b63f75bf52ca8c0d484d727c560f7b5508586d5a0b97ddf9723c4ae04d20
evince-devel-2.28.2-14.el6_0.1.s390x.rpm     MD5: 5261a85a4382142c1fc97312e3a4abd1
SHA-256: 23c53b006fb0f57181064e43af45b2e7c807033b735e6b2a0c1410678fef465a
evince-dvi-2.28.2-14.el6_0.1.s390x.rpm     MD5: 3ce98b8b00a8dd3126e82739c6c77e0b
SHA-256: 446a9836a5367c7a23d74d29eb776198621e70642b6a7d684b52f8790b87e04b
evince-libs-2.28.2-14.el6_0.1.s390.rpm     MD5: 3409d7aea66f7d6245156889d2e5018f
SHA-256: 5379d01cec7e9ae19a09750a9f9de066a80d719cb17e3ce4c802f8c2ea7a0b9a
evince-libs-2.28.2-14.el6_0.1.s390x.rpm     MD5: c4b0a26867d1f74cb5ed006c5046a6ea
SHA-256: 30f0b1445f5c39ff0eb316a0d5bc2bf1f9aaa80e2829b2e8ca6b866e0e59757a
 
x86_64:
evince-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 756be64a44df646db0b2f502fef04500
SHA-256: fcdfeda539a5a15aaa375b499b6ca63e834823ca164a2e46a3624a23d25e7ead
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-debuginfo-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 219d43bb0854635c7029ef118571c97c
SHA-256: 5f19fe0ecad22c9a1488a7fa11e7866680011e8e134677e8d199ccc68bc1d678
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-devel-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 30ada2ff738abdc8ea6c21629dbe64a5
SHA-256: 09d315b067b3df6e722f57560f956a8ba83994c54e180d0495e758f0ccae5ec4
evince-dvi-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 917f703a6f9ed53bed5e06fa33321082
SHA-256: 6f2b101b7124cda92c1e3a373515e88ec5861cfbf97cbede6f97eb43d0edc288
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
evince-libs-2.28.2-14.el6_0.1.x86_64.rpm     MD5: c42f0bc8af1ea1d2a4d7753a4fa9f388
SHA-256: 664d3409467b3cf8c4f6e79f22340fe5bfcb61b8d29b9662a8c983cf54e936c0
 
Red Hat Enterprise Linux Server EUS (v. 6.0.z)

SRPMS:
evince-2.28.2-14.el6_0.1.src.rpm     MD5: 1f2c49d0e9c9b2e4d5af6c0320cfd695
SHA-256: dfec53d873ff6808b08ae56a5c45e1c0929c8060e6e1cf7d4478d7ff8f0bd828
 
IA-32:
evince-2.28.2-14.el6_0.1.i686.rpm     MD5: 5733fd98ec0545f68612b93a27b6804d
SHA-256: 4a8b8baec0297330c30b9864deb151af5f201d8538cd273cc65035084750f596
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-dvi-2.28.2-14.el6_0.1.i686.rpm     MD5: ddbdc78b7928c71829450809d676d18b
SHA-256: 363cb5f3c1a2216f92c2a8e54816a0f77c2ef93b4129919c07aa487fb2ba0370
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
 
PPC:
evince-2.28.2-14.el6_0.1.ppc64.rpm     MD5: a6aa5f903434f3a0e6ac31c8a37d0896
SHA-256: ae163e2b8df12620a8876e4e33919c33e9bcb4e54c39861d9f0ea870728138e5
evince-debuginfo-2.28.2-14.el6_0.1.ppc.rpm     MD5: 85f373e30211bd73445f9d06e99a4a87
SHA-256: ec06ff6cc6526f57c8fd9cb379195bbc72f26686f1631adbf575d17f4a8d3f6d
evince-debuginfo-2.28.2-14.el6_0.1.ppc64.rpm     MD5: 8328398be7c3897f8e86b9e5f7b176fc
SHA-256: 4e7590ca2f5681d58d97d2d8159269eb442451f48b65a7cb84681ca974f4636b
evince-devel-2.28.2-14.el6_0.1.ppc.rpm     MD5: d9c36327f2148fa9f506010d8d461876
SHA-256: 04f66de2733fa651e063909ae2244e9990c07021487b614ba2158fc888b76daa
evince-devel-2.28.2-14.el6_0.1.ppc64.rpm     MD5: ac205f0698537e5152df6e7b4888ee2a
SHA-256: 14488b303b3192701c5c373acc12fbbd0330306060e714152f37fcb24aa9a7c9
evince-dvi-2.28.2-14.el6_0.1.ppc64.rpm     MD5: 3a336fb7621d1c414a135de2967f620f
SHA-256: ba0681dd2110a3fdb3da7ed7224131abc9f607bdf8340a1b35c4ceae5b84fcd7
evince-libs-2.28.2-14.el6_0.1.ppc.rpm     MD5: d43671505c6396f15247658dd3f48b9b
SHA-256: 98b90d388920a5fb0ffdbdf64c71dba0627177e2f44ffbeadeb78914a24b2b35
evince-libs-2.28.2-14.el6_0.1.ppc64.rpm     MD5: 33561f35fd108da96c83dcf3a4a29f45
SHA-256: fa1ae24cedf2db6a54172f2c8ba518fad0db754f1e74d03e6407a4711595d942
 
s390x:
evince-2.28.2-14.el6_0.1.s390x.rpm     MD5: 83c6f2872a2dfd03d9fd88ccf4722a73
SHA-256: 40bcaa792631fe411b44eb066c80fa882ba7b18f202fcf93f19ad558d74d7427
evince-debuginfo-2.28.2-14.el6_0.1.s390.rpm     MD5: c068521a84de99345051a03591787914
SHA-256: aa117ff0963e7becc6873f4176f4feb91881d9e835025358bfa36f31ed43567e
evince-debuginfo-2.28.2-14.el6_0.1.s390x.rpm     MD5: 01cc698d874e5ad87a3ddd34900d7cde
SHA-256: 4a7caf90e917589ce3eab6dcf23b74060982b52aafe1b5085b87b6818dd88726
evince-devel-2.28.2-14.el6_0.1.s390.rpm     MD5: c17d7acced67e1455775be80c947d0ec
SHA-256: 8c32b63f75bf52ca8c0d484d727c560f7b5508586d5a0b97ddf9723c4ae04d20
evince-devel-2.28.2-14.el6_0.1.s390x.rpm     MD5: 5261a85a4382142c1fc97312e3a4abd1
SHA-256: 23c53b006fb0f57181064e43af45b2e7c807033b735e6b2a0c1410678fef465a
evince-dvi-2.28.2-14.el6_0.1.s390x.rpm     MD5: 3ce98b8b00a8dd3126e82739c6c77e0b
SHA-256: 446a9836a5367c7a23d74d29eb776198621e70642b6a7d684b52f8790b87e04b
evince-libs-2.28.2-14.el6_0.1.s390.rpm     MD5: 3409d7aea66f7d6245156889d2e5018f
SHA-256: 5379d01cec7e9ae19a09750a9f9de066a80d719cb17e3ce4c802f8c2ea7a0b9a
evince-libs-2.28.2-14.el6_0.1.s390x.rpm     MD5: c4b0a26867d1f74cb5ed006c5046a6ea
SHA-256: 30f0b1445f5c39ff0eb316a0d5bc2bf1f9aaa80e2829b2e8ca6b866e0e59757a
 
x86_64:
evince-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 756be64a44df646db0b2f502fef04500
SHA-256: fcdfeda539a5a15aaa375b499b6ca63e834823ca164a2e46a3624a23d25e7ead
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-debuginfo-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 219d43bb0854635c7029ef118571c97c
SHA-256: 5f19fe0ecad22c9a1488a7fa11e7866680011e8e134677e8d199ccc68bc1d678
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-devel-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 30ada2ff738abdc8ea6c21629dbe64a5
SHA-256: 09d315b067b3df6e722f57560f956a8ba83994c54e180d0495e758f0ccae5ec4
evince-dvi-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 917f703a6f9ed53bed5e06fa33321082
SHA-256: 6f2b101b7124cda92c1e3a373515e88ec5861cfbf97cbede6f97eb43d0edc288
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
evince-libs-2.28.2-14.el6_0.1.x86_64.rpm     MD5: c42f0bc8af1ea1d2a4d7753a4fa9f388
SHA-256: 664d3409467b3cf8c4f6e79f22340fe5bfcb61b8d29b9662a8c983cf54e936c0
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
evince-2.28.2-14.el6_0.1.src.rpm     MD5: 1f2c49d0e9c9b2e4d5af6c0320cfd695
SHA-256: dfec53d873ff6808b08ae56a5c45e1c0929c8060e6e1cf7d4478d7ff8f0bd828
 
IA-32:
evince-2.28.2-14.el6_0.1.i686.rpm     MD5: 5733fd98ec0545f68612b93a27b6804d
SHA-256: 4a8b8baec0297330c30b9864deb151af5f201d8538cd273cc65035084750f596
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-dvi-2.28.2-14.el6_0.1.i686.rpm     MD5: ddbdc78b7928c71829450809d676d18b
SHA-256: 363cb5f3c1a2216f92c2a8e54816a0f77c2ef93b4129919c07aa487fb2ba0370
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
 
x86_64:
evince-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 756be64a44df646db0b2f502fef04500
SHA-256: fcdfeda539a5a15aaa375b499b6ca63e834823ca164a2e46a3624a23d25e7ead
evince-debuginfo-2.28.2-14.el6_0.1.i686.rpm     MD5: 23e127833e47571b72b728a6ae2f37fb
SHA-256: ee1a42af65ac9865472b6308d74ca25f1cd172ebd6bc940f21a06fb5509a479e
evince-debuginfo-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 219d43bb0854635c7029ef118571c97c
SHA-256: 5f19fe0ecad22c9a1488a7fa11e7866680011e8e134677e8d199ccc68bc1d678
evince-devel-2.28.2-14.el6_0.1.i686.rpm     MD5: b8ee12d80ce297ad1a50c023c37ff388
SHA-256: 860fd51b394a5d9acc4e5348a772f9d312d9d0837a326f37883748b875259101
evince-devel-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 30ada2ff738abdc8ea6c21629dbe64a5
SHA-256: 09d315b067b3df6e722f57560f956a8ba83994c54e180d0495e758f0ccae5ec4
evince-dvi-2.28.2-14.el6_0.1.x86_64.rpm     MD5: 917f703a6f9ed53bed5e06fa33321082
SHA-256: 6f2b101b7124cda92c1e3a373515e88ec5861cfbf97cbede6f97eb43d0edc288
evince-libs-2.28.2-14.el6_0.1.i686.rpm     MD5: 910c20a3192c90c43f9289c120b929eb
SHA-256: c9ee6d6f0feb1afc3ad0f10cc973606296b9cb173d9a5f014b8f99805efc9f07
evince-libs-2.28.2-14.el6_0.1.x86_64.rpm     MD5: c42f0bc8af1ea1d2a4d7753a4fa9f388
SHA-256: 664d3409467b3cf8c4f6e79f22340fe5bfcb61b8d29b9662a8c983cf54e936c0
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

666313 - CVE-2010-2640 evince: Array index errror in DVI file PK font parser
666314 - CVE-2010-2641 evince: Array index errror in DVI file VF font parser
666318 - CVE-2010-2642 evince: Heap based buffer overflow in DVI file AFM font parser
666321 - CVE-2010-2643 evince: Integer overflow in DVI file TFM font parser


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/