[SECURITY] Fedora Core 3 Update: tetex-2.0.2-21.7.FC3
Posted on: 01/12/2006 06:22 PM

A new update is available for Fedora Core - [SECURITY] Fedora Core 3 Update: tetex-2.0.2-21.7.FC3. Here the announcement:

Fedora Update Notification

Product : Fedora Core 3
Name : tetex
Version : 2.0.2
Release : 21.7.FC3
Summary : The TeX text formatting system.
Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting
package like LaTeX or PlainTeX, since TeX by itself is not very

Install tetex if you want to use the TeX text formatting system. If
you are installing tetex, you will also need to install tetex-afm (a
PostScript(TM) font converter for TeX),
tetex-dvips (for converting .dvi files to PostScript format
for printing on PostScript printers), tetex-latex (a higher level
formatting package which provides an easier-to-use interface for TeX),
and tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.

Update Information:

Several flaws were discovered in the way teTeX processes PDF
files. An attacker could construct a carefully crafted PDF
file that could cause poppler to crash or possibly execute
arbitrary code when opened.

The Common Vulnerabilities and Exposures project assigned
the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and
CVE-2005-3627 to these issues.
* Wed Jan 11 2006 Jindrich Novy lt;jnovy@redhat.comgt; 2.0.2-21.7.FC3
- apply additional patch to fix xpdf flaws from Ludwig Nussel
(CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193) (#177128)
* Mon Dec 19 2005 Jindrich Novy lt;jnovy@redhat.comgt; 2.0.2-21.6
- apply more complete fix for CVE-2005-3193 (#175110) suggested by
security response team, taken from xpdf

This update can be downloaded from:

cf7ccd06a85a2a3eaa876706971fe32f5cba66b9 SRPMS/tetex-2.0.2-21.7.FC3.src.rpm
c4b3207cd02981b2c6f96ad2e27e2c882664c444 x86_64/tetex-2.0.2-21.7.FC3.x86_64.rpm
cfe7477d6307af610983d7b3b4bd8ab1b23026bc x86_64/tetex-latex-2.0.2-21.7.FC3.x86_64.rpm
6de73df47b772f7631692c4c392a02a32630acc4 x86_64/tetex-xdvi-2.0.2-21.7.FC3.x86_64.rpm
ec4cc2f62901e9714f5fc0a1e482ac87868a38e3 x86_64/tetex-dvips-2.0.2-21.7.FC3.x86_64.rpm
7b7380a14999d0fb2ea794cf48afea1bf4fcb608 x86_64/tetex-afm-2.0.2-21.7.FC3.x86_64.rpm
5f58c8f32f80ae9f3940918cb77dc4145ac87d15 x86_64/tetex-fonts-2.0.2-21.7.FC3.x86_64.rpm
8269c2c6f763acc64d4b7230b3e2b9e30de0e5e6 x86_64/tetex-doc-2.0.2-21.7.FC3.x86_64.rpm
fa6a0fe488ddca27adddf8fd8e86efd5d3c96702 x86_64/debug/tetex-debuginfo-2.0.2-21.7.FC3.x86_64.rpm
0199f223161ef36cc20d6c8d3975bc93cf5b859a i386/tetex-2.0.2-21.7.FC3.i386.rpm
ebf60610fcb7883a7fd51fc9149ca0ce39c25f88 i386/tetex-latex-2.0.2-21.7.FC3.i386.rpm
9b33603eaf128f8175b5d6a76b11dc2a1f7938a9 i386/tetex-xdvi-2.0.2-21.7.FC3.i386.rpm
0bca7c80842a921535f9f169873bba67857a9262 i386/tetex-dvips-2.0.2-21.7.FC3.i386.rpm
b10d1f4ab980b22f1b8c2998bba514294438e3e4 i386/tetex-afm-2.0.2-21.7.FC3.i386.rpm
439315089cf95886e7e93531df42779a5b3c9225 i386/tetex-fonts-2.0.2-21.7.FC3.i386.rpm
26316d94c329dbc63f732451cd92eac25a376bed i386/tetex-doc-2.0.2-21.7.FC3.i386.rpm
62428a292a5e896a2e13e95ad6dc58be9559af9e i386/debug/tetex-debuginfo-2.0.2-21.7.FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.

Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_fedora_core_3_update_tetex_202_217fc3.html)