Synopsis: Important: kdegraphics security update
Issue date: 2009-12-16
CVE Names: CVE-2009-4035
Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow
flaw in KPDF's Type 1 font parser. A specially-crafted PDF file with an
embedded Type 1 font could cause KPDF to crash or, possibly, execute
arbitrary code when opened. (CVE-2009-4035)
SL 4.x
SRPMS:
kdegraphics-3.3.1-17.el4_8.1.src.rpm
i386:
kdegraphics-3.3.1-17.el4_8.1.i386.rpm
kdegraphics-devel-3.3.1-17.el4_8.1.i386.rpm
x86_64:
kdegraphics-3.3.1-17.el4_8.1.x86_64.rpm
kdegraphics-devel-3.3.1-17.el4_8.1.x86_64.rpm
-Connie Sieh
-Troy Dawson