A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: poppler-0.4.4-1.1. Here the announcement:
Fedora Update Notification
FEDORA-2005-026
2006-01-10
---------------------------------------------------------------------
Product : Fedora Core 4
Name : poppler
Version : 0.4.4
Release : 1.1
Summary : PDF rendering library
Description :
Poppler, a PDF rendering library, it's a fork of the xpdf PDF
viewer developed by Derek Noonburg of Glyph and Cog, LLC.
---------------------------------------------------------------------
Update Information:
Chris Evans discovered several flaws in the way poppler
processes PDF files. An attacker could construct a carefully
crafted PDF file that could cause poppler to crash or possibly
execute arbitrary code when opened. The Common
Vulnerabilities and Exposures project assigned the names
CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and
CVE-2005-3627 to these issues.
---------------------------------------------------------------------
* Tue Jan 10 2006 Kristian Høgsberg <krh@redhat.com> 0.4.4-1.1
- Update to 0.4.4 release and drop poppler-0.4.3-CVE-2005-3191.patch.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
3690ab8e7d8e717f6fe2580a81738c579996357f SRPMS/poppler-0.4.4-1.1.src.rpm
1597b8461a8bd1972aee62d4e1b2027dcf2bbc42 ppc/poppler-0.4.4-1.1.ppc.rpm
363d5fcff948292d5f60663309df7bd147ddb7e7 ppc/poppler-devel-0.4.4-1.1.ppc.rpm
e372992802a3e1867dcbab31e4a69720065809c8 ppc/debug/poppler-debuginfo-0.4.4-1.1.ppc.rpm
6c30672e65b4f257812f0a6c1e4443aa8354e687 x86_64/poppler-0.4.4-1.1.x86_64.rpm
9ad63986347bb0de8cadb1fca0df69d865cbef4a x86_64/poppler-devel-0.4.4-1.1.x86_64.rpm
ed87f5deb75bcef2cfe15d2ea5a33991eb4227cb x86_64/debug/poppler-debuginfo-0.4.4-1.1.x86_64.rpm
1571c13ca07473bf880dad9712c2505fdf7d4e71 i386/poppler-0.4.4-1.1.i386.rpm
798f241bcec802e7d0c6ef09aebdaebd4f112d9c i386/poppler-devel-0.4.4-1.1.i386.rpm
2f18e087f3eb11a56204ef3caaedba900ba86eb9 i386/debug/poppler-debuginfo-0.4.4-1.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.