Bug 152875 - CAN-2004-1125,CAN-2005-0064 xpdf 3.00 Buffer overflow
CAN-2004-1125,CAN-2005-0064 xpdf 3.00 Buffer overflow
Status: CLOSED ERRATA
Product: Fedora Legacy
Classification: Retired
Component: xpdf (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://cve.mitre.org/cgi-bin/cvename....
1, LEGACY, rh73, rh90
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-12-22 13:01 EST by rob
Modified: 2007-04-18 13:22 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-05-16 08:04:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Lawrence 2005-03-30 18:30:37 EST
from:
http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities&flashstatus=true

Remote exploitation of a buffer overflow vulnerability in the xpdf PDF
viewer, as included in multiple Linux distributions, could allow
attackers to execute arbitrary code as the user viewing a PDF file. The
offending code can be found in the Gfx::doImage() function in the source
file xpdf/Gfx.cc.

A patch to address this vulnerability is available from:

    ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125



------- Additional Comments From rob.myers@gtri.gatech.edu 2004-12-22 13:18:15 ----

this affects gpdf and cups in fc1 also.  still need to look at rh73 and rh9.



------- Additional Comments From rob.myers@gtri.gatech.edu 2004-12-22 20:18:21 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
here are xpdf rpms to QA for rh73, rh9 and fc1:
 
- - uses xpdf 3.00 patch with last hunk removed since it did not
  apply and only fixed an error message.
 
- - other vendors have not yet released patches for xpdf < 3.0.
  so we should take a close look at them when they do to make sure
  there are no other issues.
 
this file is available at:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/2352.txt.asc
 
changelogs:
 
rh73:
* Thu Dec 23 2004 Rob Myers <rob.myers@gtri.gatech.edu> 1.00-7.3.legacy
- - patch for CAN-2004-1125 (FL #2352)
 
rh9:
* Thu Dec 23 2004 Rob Myers <rob.myers@gtri.gatech.edu> 2.01-11.2.legacy
- - patch for CAN-2004-1125 (FL #2352)
 
fc1:
* Thu Dec 23 2004 Rob Myers <rob.myers@gtri.gatech.edu> 1:2.03-1.2.legacy
- - patch for CAN-2004-1125 (FL #2352)
 
files:
 
rh73:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-1.00-7.3.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-1.00-7.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-simplified-1.00-7.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-traditional-1.00-7.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-japanese-1.00-7.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-korean-1.00-7.3.legacy.i386.rpm
 
rh9:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.01-11.2.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.01-11.2.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-simplified-2.01-11.2.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-traditional-2.01-11.2.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-debuginfo-2.01-11.2.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-japanese-2.01-11.2.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-korean-2.01-11.2.legacy.i386.rpm
 
fc1:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.03-1.2.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.03-1.2.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-debuginfo-2.03-1.2.legacy.i386.rpm
 
sha1sums:
 
rh73:
f42829021213709da029f6916f7a466750a1d28a  xpdf-1.00-7.3.legacy.i386.rpm
cd9ec234d32313d5475ce2db61bccc48497926ef  xpdf-1.00-7.3.legacy.src.rpm
b3445085e6267a50adcd7e2e0d9a06c1ed043d98 
xpdf-chinese-simplified-1.00-7.3.legacy.i386.rpm
40a60214a79fe431d2166749fec151355781249f 
xpdf-chinese-traditional-1.00-7.3.legacy.i386.rpm
478968ffa310b26a623f7d3a4b11ef58606b6d66  xpdf-japanese-1.00-7.3.legacy.i386.rpm
4a109e555aa53b7925f6d61957c703922211ce5d  xpdf-korean-1.00-7.3.legacy.i386.rpm
 
rh9:
3002edb23e0a33d7f1eebba2451bd9d7b43439bc  xpdf-2.01-11.2.legacy.i386.rpm
64a6c50d55489fd0718caef1aba89fb93f5e1028  xpdf-2.01-11.2.legacy.src.rpm
4b559a7b973c0c310f1d24661f349fcfa178b64d 
xpdf-chinese-simplified-2.01-11.2.legacy.i386.rpm
434231fc9598dd7d4e44fcc0ff60f0d800d119d2 
xpdf-chinese-traditional-2.01-11.2.legacy.i386.rpm
59f7a5e63db1c3a989c9dd0130af62b45b89ea45  xpdf-debuginfo-2.01-11.2.legacy.i386.rpm
76b4cd3132941cecf14e8ce9e4fa3d2eef9da508  xpdf-japanese-2.01-11.2.legacy.i386.rpm
711668c89617490cc4015ffdcf988a0dd3297405  xpdf-korean-2.01-11.2.legacy.i386.rpm
 
fc1:
d724d98345c306e42620f50281cd102f8bba34c3  xpdf-2.03-1.2.legacy.i386.rpm
d22b93f7efa8870173d3a233748dcfc09c91f93d  xpdf-2.03-1.2.legacy.src.rpm
6285095f29fcb316013ae4bd77a49d6a45b33160  xpdf-debuginfo-2.03-1.2.legacy.i386.rpm
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
 
iD8DBQFBymCctU2XAt1OWnsRAqOrAJsHXDAgnyxSQBmJMiB4xXeU+TOYjwCeO1oj
HKTuxr0eGPwigfodFOeQy7A=
=rVIS
-----END PGP SIGNATURE-----




------- Additional Comments From pekkas@netcore.fi 2004-12-23 11:40:50 ----

I'd say it seems to make sense to have this supercede #2186, because the patch
seems so trivial..

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

QA for all the SRPMS w/ rpm-build-compare.sh:
 - sources intact
 - the spec file changes trivial
 - patches verified to come from Red Hat CVS, and be alike with upstream
   changes.  Dropping the error message modification is OK.

+PUBLISH (RHL73,RHL9,FC1)

(Damn, I'd really hope someone finally figured to create an xpdf library
instead of just copying the code..)

cd9ec234d32313d5475ce2db61bccc48497926ef  xpdf-1.00-7.3.legacy.src.rpm
64a6c50d55489fd0718caef1aba89fb93f5e1028  xpdf-2.01-11.2.legacy.src.rpm
d22b93f7efa8870173d3a233748dcfc09c91f93d  xpdf-2.03-1.2.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFByzqdGHbTkzxSL7QRAkmiAKDFwOILgo0LjUUWRlv2LDS//QQklQCg00gB
XFhZJ7LouIupN4KDFGuDMB4=
=ROsu
-----END PGP SIGNATURE-----




------- Additional Comments From fedora-legacy-bugzilla-2004@fumika.jp 2004-12-24 15:35:59 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did QA on RH9 package:
3002edb23e0a33d7f1eebba2451bd9d7b43439bc  xpdf-2.01-11.2.legacy.i386.rpm
64a6c50d55489fd0718caef1aba89fb93f5e1028  xpdf-2.01-11.2.legacy.src.rpm
4b559a7b973c0c310f1d24661f349fcfa178b64d
xpdf-chinese-simplified-2.01-11.2.legacy.i386.rpm
434231fc9598dd7d4e44fcc0ff60f0d800d119d2
xpdf-chinese-traditional-2.01-11.2.legacy.i386.rpm
76b4cd3132941cecf14e8ce9e4fa3d2eef9da508  xpdf-japanese-2.01-11.2.legacy.i386.rpm
711668c89617490cc4015ffdcf988a0dd3297405  xpdf-korean-2.01-11.2.legacy.i386.rpm

sha1sum matches
rpm signature ok
source files ok
spec file ok
patches ok
src rebuilds ok
rpm-build-compare script ok
installs ok
runs ok
5 demo pdfs in Red Hat Bugzilla ok(no crash)
+PUBLISH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFBzMDBuZYb5AhVqVoRAhhmAJwIa2HbRTC37nAsOu8kcQbF7h3PIwCgzEq6
vBx5nmnKPrirG7NcRAvo0dk=
=VwLi
-----END PGP SIGNATURE-----



------- Additional Comments From pekkas@netcore.fi 2005-01-18 19:11:09 ----

Don't these never cease?

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf
3.00 and earlier allows remote attackers to execute arbitrary code via a PDF
file with a large /Encrypt /Length keyLength value. 

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch 



------- Additional Comments From rob.myers@gtri.gatech.edu 2005-01-19 02:52:17 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
here are xpdf rpms to QA for rh73, rh9 and fc1:
 
- - uses patch from RHEL3 for CAN-2004-1125.  this patch adds an additional check
- - uses upstream xpdf 3.0 patch for CAN-2005-0064
 
changelogs:
 
rh73:
* Wed Jan 19 2005 Rob Myers <rob.myers@gtri.gatech.edu> 1.00-7.4.legacy
- - patch for CAN-2005-0064 (FL #2352)
- - use better patch for CAN-2004-1125
 
rh9:
* Wed Jan 19 2005 Rob Myers <rob.myers@gtri.gatech.edu> 2.01-11.3.legacy
- - patch for CAN-2005-0064 (FL #2352)
- - use better patch for CAN-2004-1125
 
fc1:
* Wed Jan 19 2005 Rob Myers <rob.myers@gtri.gatech.edu> 1:2.03-1.3.legacy
- - patch for CAN-2005-0064 (FL #2352)
- - use better patch for CAN-2004-1125
 
 
this file is available at:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/2352.txt.asc
 
files:
 
rh73:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-1.00-7.4.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-japanese-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-korean-1.00-7.4.legacy.i386.rpm
 
rh9:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.01-11.3.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-debuginfo-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-japanese-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-korean-2.01-11.3.legacy.i386.rpm
 
fc1:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.03-1.3.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.03-1.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-debuginfo-2.03-1.3.legacy.i386.rpm
 
 
sha1sums:
 
rh73:
c1325c60c08d5af10387f37dc2a931473977c14b  xpdf-1.00-7.4.legacy.i386.rpm
e08702cfa839b62cb050326460e616d479268dfd  xpdf-1.00-7.4.legacy.src.rpm
6838fc7db01b14253e484fff01a21d19fe73eba4 
xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm
234543ac6ddd28dcf8a65923a16efcace0164a1c 
xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm
71b1af2646a7e6061cd27cddca731eb672dd1451  xpdf-japanese-1.00-7.4.legacy.i386.rpm
f143574ef6fb4347c78de0e4490b93bebc6c35e0  xpdf-korean-1.00-7.4.legacy.i386.rpm
 
rh9:
e903ed280ee243fc3be4f36c491fde98de6ff3e3  xpdf-2.01-11.3.legacy.i386.rpm
2433727b52aecbf17bdf23efd6f149d6b58d3e28  xpdf-2.01-11.3.legacy.src.rpm
0a1708ab2e2fc14ce6404aff599ac09f154a3caf 
xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
e93562699eaa1fb06e143b41ff0475c1e7a657df 
xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
8dcf09f64928fa95c109e891bba565afd9151880  xpdf-debuginfo-2.01-11.3.legacy.i386.rpm
a6e1f9acd87ace77c3274b3332f455cdb54a233c  xpdf-japanese-2.01-11.3.legacy.i386.rpm
4a8c50c4bfe136d1eec3123c5dbc3e3595a228b2  xpdf-korean-2.01-11.3.legacy.i386.rpm
 
fc1:
e732c3046c5d1db4db5a87c10eaf35426c034f32  xpdf-2.03-1.3.legacy.i386.rpm
2a58f9246fbdf20e17613cfe40e95145f3de7b6e  xpdf-2.03-1.3.legacy.src.rpm
344373cf374628373e2a0e3594a6e536bfbae5dd  xpdf-debuginfo-2.03-1.3.legacy.i386.rpm
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
 
iD8DBQFB7ldztU2XAt1OWnsRAu0rAKCo6IFnwS2LfxkJCQ1CO1cRBZKD2wCfe8Y/
orZspaIOeWyGA8wLWQMw6Ak=
=rsdy
-----END PGP SIGNATURE-----




------- Additional Comments From rob.myers@gtri.gatech.edu 2005-01-19 03:12:09 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
here are xpdf rpms to QA for rh73, rh9 and fc1:
 
- - resigned rpms with correct gpg key, regenerated sha1sums
- - uses patch from RHEL3 for CAN-2004-1125.  this patch adds an additional check
- - uses upstream xpdf 3.0 patch for CAN-2005-0064
 
changelogs:
 
rh73:
* Wed Jan 19 2005 Rob Myers <rob.myers@gtri.gatech.edu> 1.00-7.4.legacy
- - patch for CAN-2005-0064 (FL #2352)
- - use better patch for CAN-2004-1125
 
rh9:
* Wed Jan 19 2005 Rob Myers <rob.myers@gtri.gatech.edu> 2.01-11.3.legacy
- - patch for CAN-2005-0064 (FL #2352)
- - use better patch for CAN-2004-1125
 
fc1:
* Wed Jan 19 2005 Rob Myers <rob.myers@gtri.gatech.edu> 1:2.03-1.3.legacy
- - patch for CAN-2005-0064 (FL #2352)
- - use better patch for CAN-2004-1125
 
 
this file is available at:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/2352.txt.asc
 
files:
 
rh73:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-1.00-7.4.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-japanese-1.00-7.4.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-korean-1.00-7.4.legacy.i386.rpm
 
rh9:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.01-11.3.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-debuginfo-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-japanese-2.01-11.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-korean-2.01-11.3.legacy.i386.rpm
 
fc1:
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.03-1.3.legacy.src.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-2.03-1.3.legacy.i386.rpm
http://www.stl.gtri.gatech.edu/rmyers/fedoralegacy/xpdf-debuginfo-2.03-1.3.legacy.i386.rpm
 
sha1sums:
 
rh73:
a892e36178196c3ee2f2e80fca910ddc3d3070ab  xpdf-1.00-7.4.legacy.i386.rpm
98ac6bfa64201fdb1b98f3ac52b28165a70dec44  xpdf-1.00-7.4.legacy.src.rpm
086f06c0e860771801ed111764a61992845e0a88 
xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm
5f501ed28e640af670bdfb8da5bb6757f6077af9 
xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm
7b6e59623c584e66d535489b0827b977fabee6c3  xpdf-japanese-1.00-7.4.legacy.i386.rpm
73d998bc278e9a3ac5eba8a24004c9152d9e1cdd  xpdf-korean-1.00-7.4.legacy.i386.rpm
 
rh9:
b39ab9de0937e1b38fb8b3c1410e1da67c7de867  xpdf-2.01-11.3.legacy.i386.rpm
d56e1e7659b4cca4aa2ef646cf61acdd54a06954  xpdf-2.01-11.3.legacy.src.rpm
d2eaf6ae45612643a7eccef363b1a3243b808a14 
xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
f504dd5054d820f81ac9394e2eaa2e73358395c5 
xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
30a830430a0a434b8f1dea4fb0939613c81f8e4b  xpdf-debuginfo-2.01-11.3.legacy.i386.rpm
db2509f37238a5e493bc522833f21397faf81818  xpdf-japanese-2.01-11.3.legacy.i386.rpm
2b2821cc87864b2cdb9253a10bb3b3168684d054  xpdf-korean-2.01-11.3.legacy.i386.rpm
 
fc1:
cfe45e0b2eabf8b6c058167ee46e69a35a152712  xpdf-2.03-1.3.legacy.i386.rpm
c62764695e4bd71c7e8defb282523c76f062812a  xpdf-2.03-1.3.legacy.src.rpm
c49482e1c3f2c8f66300a3ac8ef433ba1b84626e  xpdf-debuginfo-2.03-1.3.legacy.i386.rpm
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
 
iD8DBQFB7lxCtU2XAt1OWnsRAqdOAJ9AC3WIMRceiHfjFqZiW/N801qsQQCg5KCp
Gs4ZDEPM+H8vvd7cWZoP6UQ=
=+FRz
-----END PGP SIGNATURE-----




------- Additional Comments From pekkas@netcore.fi 2005-01-19 04:06:40 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
QA for all the SRPMS:
 - source integrity OK
 - verified that the patch comes from upstream and is OK
 - verified the new RHEL3 patch for 1125
 - spec file changes OK
 
+PUBLISH (RHL73,RHL9,FC1)
 
98ac6bfa64201fdb1b98f3ac52b28165a70dec44  xpdf-1.00-7.4.legacy.src.rpm
d56e1e7659b4cca4aa2ef646cf61acdd54a06954  xpdf-2.01-11.3.legacy.src.rpm
c62764695e4bd71c7e8defb282523c76f062812a  xpdf-2.03-1.3.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
 
iD8DBQFB7mlFGHbTkzxSL7QRAlQ+AJ9gHT5UhPGwtamNyU0Z5YhRhiMtDQCglJ0H
NTK5bTvyDUNFceKEMsii4jk=
=xy7j
-----END PGP SIGNATURE-----




------- Additional Comments From marcdeslauriers@videotron.ca 2005-02-04 12:37:46 ----

Packages built and pushed to updates-testing.



------- Additional Comments From mschout@gkg.net 2005-02-05 14:03:10 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Redhat 7.3:

423ffbb749b7ee88eeb10e6a859eeb0bf065e14f  xpdf-1.00-7.4.legacy.i386.rpm

* rpm --checksig ok
  MD5 sum OK: 9bc17cf68f1280c2a951aafbb8d2121e
  Fingerprint: D66D 121F 9784 5E7B 2757  8C46 108C 4512 7310 02FA (ok)
* package installs without errors.
* package appears to work properly - can open PDF files and read them

+VERIFY RHL7.3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFCBV6T+CqvSzp9LOwRAoBVAJ9sBuwPvCrTPNI6/pboUlG0SBEV9ACgxlyS
e1+45N61557nVyeTACC0HA0=
=qcOW
-----END PGP SIGNATURE-----




------- Additional Comments From rmy@tigress.co.uk 2005-02-07 01:15:33 ----

-----BEGIN PGP SIGNED MESSAGE-----

I've installed xpdf-1.00-7.4.legacy.i386.rpm on two
machines.  SHA1 checksum and gpg signature are both OK.

The RPM installed without error.  I'm able to run xpdf
as expected and display PDF files in both English and
Russian.

VERIFIED rh73
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iQCVAwUBQgdNmR2/joqPEUdFAQF7gwP/Uyf+GkWFpHzLgGyJdfRLnKB2FwbD7/mR
hzP2qsCNfoZC0s5aohpws7Swn/Yexnug3cBavurPYngpzeY3Aq+zfzbN0LSa0dhA
R/J0Tffto4c2DkLrcwAnAfHdAxlC/jTO6mod4H/i9J+firQ2ODXri8edQRC+zTV9
pfLXWMpEZ/U=
=V16y
-----END PGP SIGNATURE-----




------- Additional Comments From S.J.Thompson@cs.bham.ac.uk 2005-02-08 00:12:15 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Testing on RedHat 9

RPM
67e76b9214471447bf79ea1b5b191b16122ba2c0  xpdf-2.01-11.3.legacy.i386.rpm
7c6d5c6374dd7e5c952d37ead71071500ac9fda3 
xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
e351ec803bc2e7c27aa4677dcd57ad9f4772c492 
xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
fcde9f1758de64bd50e5ef003cf344c63264b940  xpdf-japanese-2.01-11.3.legacy.i386.rpm
a5e48c1ef2bca6e59b4c27f442078231d6dd68c2  xpdf-korean-2.01-11.3.legacy.i386.rpm

% rpm -checksig -v xpdf-2.01-11.3.legacy.i386.rpm
xpdf-2.01-11.3.legacy.i386.rpm:
    Header V3 DSA signature: OK, key ID 731002fa
    Header SHA1 digest: OK (8971f98de5d03455bae53ee85cc21ebed56caf73)
    MD5 digest: OK (443b878ad00e30195553085bf22572ac)
    V3 DSA signature: OK, key ID 731002fa
% rpm -checksig -v xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm:
    Header V3 DSA signature: OK, key ID 731002fa
    Header SHA1 digest: OK (890e90fa4e17a6e27d36cbca81c08b70eb0cd727)
    MD5 digest: OK (c6913a4e937ab7cad4ff394f268f2436)
    V3 DSA signature: OK, key ID 731002fa
% rpm -checksig -v xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm:
    Header V3 DSA signature: OK, key ID 731002fa
    Header SHA1 digest: OK (623e55dce4c27f1c0d4c17d90f2905264ee36eda)
    MD5 digest: OK (6be06eebceca6c7b48aabab7bafd2607)
    V3 DSA signature: OK, key ID 731002fa
% rpm -checksig -v xpdf-japanese-2.01-11.3.legacy.i386.rpm
xpdf-japanese-2.01-11.3.legacy.i386.rpm:
    Header V3 DSA signature: OK, key ID 731002fa
    Header SHA1 digest: OK (8e05b63f694d4e9043b23f03d911f369fb9ad013)
    MD5 digest: OK (f8c944b1cd98d18b57459470e634aa93)
    V3 DSA signature: OK, key ID 731002fa
% rpm -checksig -v xpdf-korean-2.01-11.3.legacy.i386.rpm
xpdf-korean-2.01-11.3.legacy.i386.rpm:
    Header V3 DSA signature: OK, key ID 731002fa
    Header SHA1 digest: OK (f71c9950e9828b3965654b207f11dcbb7167c2b1)
    MD5 digest: OK (d63717aab12dd70080770fe4159968c7)
    V3 DSA signature: OK, key ID 731002fa

Signatures and sha1sums check out ok on all packages.

RPM of xpdf upgrades OK. Note language packs not checked for functionality (I
have no suitable files) but they do install OK.

xpdf seems functional (it loads PDF files)

+VERIFY (rh9)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCCJAZ6PpxfDLZ0SgRAoSwAJ464Zc0WyzDgHMfqZ1B4ya4FfYolgCfQyiS
aQSSlnD8QDpPrRk7gQqKiVI=
=id5Z
-----END PGP SIGNATURE-----



------- Additional Comments From marcdeslauriers@videotron.ca 2005-02-17 12:17:07 ----

Packages were released



------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:30 -------

This bug previously known as bug 2352 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2352
Originally filed under the Fedora Legacy product and General component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.


Note You need to log in before you can comment on or make changes to this bug.