iDEFENSE has reported a buffer overflow issue in xpdf 3. This issue also affects cups in RHEL3. cups contains an internal version of xpdf which is vulnerable to this issue. http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities&flashstatus=true The advisory references a patch to fix this issue. This issue should also affect FC2.
Update issued but the announcement still needs approval.
https://www.redhat.com/archives/fedora-announce-list/2004-December/msg00101.html https://www.redhat.com/archives/fedora-announce-list/2004-December/msg00102.html