Mailinglist Archive: opensuse-updates (48 mails)

< Previous Next >
openSUSE-SU-2010:0691-1 (important): okular security update
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Fri, 1 Oct 2010 20:08:23 +0200 (CEST)
  • Message-id: <20101001180823.30F17BE44@xxxxxxxxxxxxxx>
openSUSE Security Update: okular security update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0691-1
Rating: important
References: #634743
Cross-References: CVE-2010-2575
Affected Products:
openSUSE 11.3
openSUSE 11.2
openSUSE 11.1
______________________________________________________________________________

An update that fixes one vulnerability is now available. It
includes one version update.

Description:

This update fixes a heap-based overflow in okular. The RLE
decompression in the TranscribePalmImageToJPEG() function
can be exploited to execute arbitrary code with user
privileges by providing a crafted PDF file. (CVE-2010-2575).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.3:

zypper in -t patch gwenview-3080

- openSUSE 11.2:

zypper in -t patch gwenview-3080

- openSUSE 11.1:

zypper in -t patch gwenview-3080

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.3 (i586 x86_64):

gwenview-4.4.4-2.1.1
kcolorchooser-4.4.4-2.1.1
kdegraphics4-4.4.4-2.1.1
kgamma-4.4.4-2.1.1
kio_kamera-4.4.4-2.1.1
kolourpaint-4.4.4-2.1.1
kruler-4.4.4-2.1.1
ksnapshot-4.4.4-2.1.1
libkdcraw-devel-4.4.4-2.1.1
libkdcraw8-4.4.4-2.1.1
libkexiv2-8-4.4.4-2.1.1
libkexiv2-devel-4.4.4-2.1.1
libkipi-devel-4.4.4-2.1.1
libkipi7-4.4.4-2.1.1
libksane-devel-4.4.4-2.1.1
libksane0-4.4.4-2.1.1
okular-4.4.4-2.1.1
okular-devel-4.4.4-2.1.1

- openSUSE 11.2 (i586 x86_64) [New Version: 4.3.5]:

gwenview-4.3.5-0.3.1
kcolorchooser-4.3.5-0.3.1
kdegraphics4-4.3.5-0.3.1
kgamma-4.3.5-0.3.1
kio_kamera-4.3.5-0.3.1
kolourpaint-4.3.5-0.3.1
kruler-4.3.5-0.3.1
ksnapshot-4.3.5-0.3.1
libkdcraw-devel-4.3.5-0.3.1
libkdcraw7-4.3.5-0.3.1
libkexiv2-7-4.3.5-0.3.1
libkexiv2-devel-4.3.5-0.3.1
libkipi-devel-4.3.5-0.3.1
libkipi6-4.3.5-0.3.1
libksane-devel-4.3.5-0.3.1
libksane0-4.3.5-0.3.1
okular-4.3.5-0.3.1
okular-devel-4.3.5-0.3.1

- openSUSE 11.1 (i586 ppc x86_64):

gwenview-1.4.2-116.50.1
gwenview-lang-1.4.2-116.50.1
kde4-gwenview-4.1.3-4.8.2
kde4-kcolorchooser-4.1.3-4.8.2
kde4-kgamma-4.1.3-4.8.2
kde4-kio_kamera-4.1.3-4.8.2
kde4-kolourpaint-4.1.3-4.8.2
kde4-kruler-4.1.3-4.8.2
kde4-ksnapshot-4.1.3-4.8.2
kde4-okular-4.1.3-4.8.2
kde4-okular-devel-4.1.3-4.8.2
kdegraphics4-4.1.3-4.8.2
libkdcraw7-4.1.3-4.8.2
libkdcraw7-devel-4.1.3-4.8.2
libkexiv2-7-4.1.3-4.8.2
libkexiv2-7-devel-4.1.3-4.8.2
libkipi-devel-0.1.6-1.64.1
libkipi5-4.1.3-4.8.2
libkipi5-devel-4.1.3-4.8.2
libksane0-4.1.3-4.8.2


References:

http://support.novell.com/security/cve/CVE-2010-2575.html
https://bugzilla.novell.com/634743


< Previous Next >
List Navigation
This Thread
  • No further messages