Synopsis: Important: xpdf security update Issue date: 2009-12-16 CVE Names: CVE-2009-4035 Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow flaw in Xpdf's Type 1 font parser. A specially-crafted PDF file with an embedded Type 1 font could cause Xpdf to crash or, possibly, execute arbitrary code when opened. (CVE-2009-4035) SL 4.x SRPMS: xpdf-3.00-23.el4_8.1.src.rpm i386: xpdf-3.00-23.el4_8.1.i386.rpm x86_64: xpdf-3.00-23.el4_8.1.x86_64.rpm -Connie Sieh -Troy Dawson