Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document. For the stable distribution (lenny), these problems have been fixed in version 4:3.5.9-3+lenny3. The unstable distribution (sid) no longer contains kpdf. It's replacement, Okular, links against the poppler PDF library. We recommend that you upgrade your kdegraphics packages.
Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document.
For the stable distribution (lenny), these problems have been fixed in version 4:3.5.9-3+lenny3.
The unstable distribution (sid) no longer contains kpdf. It's replacement, Okular, links against the poppler PDF library.
We recommend that you upgrade your kdegraphics packages.
MD5 checksums of the listed files are available in the original advisory.