[SECURITY] Fedora 14 Update: evince-2.32.0-3.fc14

updates at fedoraproject.org updates at fedoraproject.org
Sat Jan 8 21:26:09 UTC 2011 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0208
2011-01-07 19:28:55
--------------------------------------------------------------------------------

Name        : evince
Product     : Fedora 14
Version     : 2.32.0
Release     : 3.fc14
URL         : http://projects.gnome.org/evince/
Summary     : Document viewer
Description :
Evince is simple multi-page document viewer. It can display and print
Portable Document Format (PDF), PostScript (PS) and Encapsulated PostScript
(EPS) files. When supported by the document format, evince allows searching
for text, copying text to the clipboard, hypertext navigation,
table-of-contents bookmarks and editing of forms.

 Support for other document formats such as DVI and DJVU can be added by
installing additional backends.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan  6 2011 Marek Kasik <mkasik at redhat.com> - 2.32.0-3
- Fixes CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643
- Resolves: #667573
* Mon Nov 22 2010 Marek Kasik <mkasik at redhat.com> - 2.32.0-2
- Fix crash in clear_job_selection()
- Remove unused patch
- Resolves: #647689
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666314 - CVE-2010-2641 evince: Array index errror in DVI file VF font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666314
  [ 2 ] Bug #666318 - CVE-2010-2642 evince: Heap based buffer overflow in DVI file AFM font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666318
  [ 3 ] Bug #666313 - CVE-2010-2640 evince: Array index errror in DVI file PK font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666313
  [ 4 ] Bug #666321 - CVE-2010-2643 evince: Integer overflow in DVI file TFM font parser
        https://bugzilla.redhat.com/show_bug.cgi?id=666321
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update evince' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list