Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0.
 Also programs like gpdf which have embedded versions of xpdf.
 These can result in writing an arbitrary byte to an attacker controlled
 location which probably could lead to arbitrary code execution.

See bug 2186

Ref:
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:114



------- Additional Comments From rob.myers.edu 2004-10-28 09:42:37 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Here is an updated gpdf package to QA for fc1:
 
i had a problem with %find_lang when trying to build in mach:
 
<snip>
+ /usr/lib/rpm/redhat/find-lang.sh /var/tmp/gpdf-0.110-root gpdf
No translations found for gpdf in /var/tmp/gpdf-0.110-root
error: Bad exit status from /var/tmp/rpm-tmp.29145 (%install)
</snip>
 
but it built fine without mach.
 
changelog:
* Thu Oct 28 2004 Rob Myers <rob.myers.edu> 0.110-1.1.legacy
- - patch for CAN-2004-0888 CAN-2004-0889 (FL #2186, #2195)
 
sha1sums:
e414465e275b59bcd31f287490f0e4f2b916aae8  gpdf-0.110-1.1.legacy.i386.rpm
e757228ddaf77d5702c3b3756d90714aaf11554b  gpdf-0.110-1.1.legacy.src.rpm
6a6caca69d03a5db30dbaceb66e8d1a1fcf99fe0  gpdf-debuginfo-0.110-1.1.legacy.i386.rpm
 
files:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/gpdf-0.110-1.1.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/gpdf-0.110-1.1.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/gpdf-debuginfo-0.110-1.1.legacy.i386.rpm
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
 
iD8DBQFBgUtztU2XAt1OWnsRAvq6AJ0btml9We7J9erFC/LsgSUiw5/bUgCg21tB
VAKXmfjQhP6RMFhKDcB53eE=
=mpc6
-----END PGP SIGNATURE-----




------- Additional Comments From marcdeslauriers 2004-11-25 17:02:01 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did QA on the FC1 package:

e757228ddaf77d5702c3b3756d90714aaf11554b  gpdf-0.110-1.1.legacy.src.rpm

- - Source files identical to previous release
- - Patch file is good
- - Spec file changes good
- - Builds, installs and runs OK

+PUBLISH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFBppzHLMAs/0C4zNoRAotGAJ9Z+7deXoTRa5yURY7Xq3jZiLQTNACgl2X+
HEUnpvEgLmdrycIowGLiMsc=
=phQA
-----END PGP SIGNATURE-----




------- Additional Comments From marcdeslauriers 2004-12-01 18:23:18 ----

Packages were pushed to updates-testing.



------- Additional Comments From pekkas 2004-12-22 04:21:26 ----

Sigh.. more flaws were found in xpdf -- #2186 comment 25.



------- Additional Comments From marcdeslauriers 2004-12-22 05:35:17 ----

The new flaws should be in their own bug...these packages are already in
updates-testing.



------- Additional Comments From rob.myers.edu 2004-12-22 13:19:42 ----

new bug created.  see bug #2352.



------- Additional Comments From rob.myers.edu 2004-12-22 16:48:23 ----

or rather see bug #2353



------- Additional Comments From sheltren.edu 2005-01-13 07:17:16 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Verify for package:
5f64cfd5be571ffcb49f1cf067603165decc2318  gpdf-0.110-1.2.legacy.i386.rpm

Signature is OK
Package installs OK
Ran gpdf and successfully opened some PDF documents

FC1 VERIFY++

Does this issue appear on RH9 also?  I didn't see any RH9 packages.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iD8DBQFB5qz5Ke7MLJjUbNMRAsqpAKChlbGmROYozWMRRtUeGfSH5bfghQCgwU4D
vsnP24OvD0yCW4Iy45lK+6k=
=P1fK
-----END PGP SIGNATURE-----



------- Additional Comments From marcdeslauriers 2005-02-10 13:04:17 ----

Packages were officially released.



------- Bug moved to this database by dkl 2005-03-30 18:28 -------

This bug previously known as bug 2195 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2195
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.