View previous topic :: View next topic |
Author |
Message |
Deathwing00 Bodhisattva
Joined: 13 Jun 2003 Posts: 4087 Location: Dresden, Germany
|
Posted: Sat Nov 06, 2004 3:00 pm Post subject: UPDATE: [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vuln xpdf |
|
|
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200410-30:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: GPdf, KPDF, KOffice: Vulnerabilities in included xpdf
Date: October 28, 2004
Updated: November 06, 2004
Bugs: #68558, #68665, #68571, #69936, #69624
ID: 200410-30:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Update
=====
The original fix introduced new vulnerabilities on 64-bit platforms.
New fixed packages are available. Updated sections follow.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-office/koffice < 1.3.4-r1 >= 1.3.4-r1
*>= 1.3.3-r2
2 app-text/gpdf < 2.8.0-r2 >= 2.8.0-r2
*>= 0.132-r2
3 kde-base/kdegraphics < 3.3.1-r2 >= 3.3.1-r2
*>= 3.3.0-r2
*>= 3.2.3-r2
-------------------------------------------------------------------
3 affected packages on all of their supported architectures.
-------------------------------------------------------------------
Resolution
==========
All GPdf users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/gpdf-0.132-r2"
All KDE users should upgrade to the latest version of kdegraphics:
# emerge --sync
# emerge --ask --oneshot --verbose ">=kde-base/kdegraphics-3.3.0-r2"
All KOffice users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-office/koffice-1.3.3-r2"
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200410-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2004 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/1.0 |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|