Updated kdegraphics packages that resolve a security issue in kpdf are now
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.
A flaw was discovered in kpdf. An attacker could construct a carefully
crafted PDF file that would cause kpdf to consume all available disk space
in /tmp when opened. The Common Vulnerabilities and Exposures project
assigned the name CAN-2005-2097 to this issue.
Note this issue does not affect Red Hat Enterprise Linux 3 or 2.1.
Users of kpdf should upgrade to these updated packages, which contains a
backported patch to resolve this issue.