Bug 652108

Summary: xpdf security fix for CVE-2010-3702, CVS-2010-3704 is missing from EPEL archives
Product: [Fedora] Fedora EPEL Reporter: Michal Jaegermann <michal>
Component: xpdfAssignee: Tom "spot" Callaway <tcallawa>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: el5CC: tcallawa
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: xpdf-3.02-16.el5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-11-29 12:05:12 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 595245, 638960    

Description Michal Jaegermann 2010-11-10 20:33:51 EST
Description of problem:

There is xpdf-3.02-16 released for Fedora with a security patch for CVE-2010-3702 and CVS-2010-3704.  A corresponding EPEL package is still xpdf-3.02-15.el5 build on "Fri 16 Oct 2009".

Version-Release number of selected component (if applicable):
xpdf-3.02-15.el5
Comment 1 Fedora Update System 2010-11-11 10:31:52 EST
xpdf-3.02-16.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/xpdf-3.02-16.el5
Comment 2 Fedora Update System 2010-11-12 11:50:12 EST
xpdf-3.02-16.el5 has been pushed to the Fedora EPEL 5 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update xpdf'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/xpdf-3.02-16.el5
Comment 3 Fedora Update System 2010-11-29 12:05:02 EST
xpdf-3.02-16.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.