[UCI-Linux] [SECURITY] Fedora Core 2 Update: kdegraphics-3.2.2-1.1

Mike Iglesias IGLESIAS at uci.edu
Thu Oct 28 13:17:37 PDT 2004

Date: Thu, 28 Oct 2004 18:28:50 +0200
From: Than Ngo <than at redhat.com>
To: fedora-announce-list at redhat.com
Subject: [SECURITY] Fedora Core 2 Update: kdegraphics-3.2.2-1.1

Fedora Update Notification

Product     : Fedora Core 2
Name        : kdegraphics
Version     : 3.2.2
Release     : 1.1
Summary     : K Desktop Environment - Graphics Applications
Description :
Graphics applications for the K Desktop Environment.

  kdvi (displays TeX .dvi files)
  kfax (displays faxfiles)
  kghostview (displays postscript files)
  kcoloredit (palette editor and color chooser)
  kamera (digital camera support)
  kiconedit (icon editor)
  kpaint (a simple drawing program)
  ksnapshot (screen capture utility)
  kview (image viewer for GIF, JPEG, TIFF, etc.)
  kuickshow (quick picture viewer)
  kooka (scanner application)
  kruler (screen ruler and color measurement tool)

Update Information:

A problem with PDF handling was discovered by Chris Evans, and has
been fixed.  The Common Vulnerabilities and Exposures project
(www.mitre.org) has assigned the name CAN-2004-0888 to this issue.

a number of buffer overflow bugs that affect libtiff have
been found. The kfax application contains a copy of the libtiff code used
for parsing TIFF files and is therefore affected by these bugs. An attacker
who has the ability to trick a user into opening a malicious TIFF file
could cause kfax to crash or possibly execute arbitrary code. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0803 to this issue.
* Thu Oct 28 2004 Than Ngo <than at redhat.com> 7:3.2.2-1.1

- add fix to link against system libtiff CAN-2004-0886
- apply patch to fix CAN-2004-0888

This update can be downloaded from:

a104c3550141c3f0e7f5245e321f717d  SRPMS/kdegraphics-3.2.2-1.1.src.rpm
b9c227361354cebbcae97df082e60f3c  x86_64/kdegraphics-3.2.2-1.1.x86_64.rpm
1cc02d811b6a96d4382fe15e2b65a4cc  i386/kdegraphics-3.2.2-1.1.i386.rpm
6f72f96c16132cac97501150bf6ddad7  i386/kdegraphics-devel-3.2.2-1.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list