[RHSA-2013:1402-01] Important: Adobe Reader - notification of end of updates

news · October 2, 2013

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

=====================================================================

Red Hat Security Advisory

Synopsis: Important: Adobe Reader - notification of end of updates

Advisory ID: RHSA-2013:1402-01

Product: Red Hat Enterprise Linux Supplementary

Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1402.html

Issue date: 2013-10-02

=====================================================================

1. Summary:

Updated acroread packages that disable the Adobe Reader web browser plug-in

are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64

Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64

Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64

Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

Adobe Reader allows users to view and print documents in Portable Document

Format (PDF). Adobe Reader 9 reached the end of its support cycle on June

26, 2013, and will not receive any more security updates. Future versions

of Adobe Acrobat Reader will not be available with Red Hat Enterprise

Linux.

The Adobe Reader packages in the Red Hat Network (RHN) channels will

continue to be available. Red Hat will continue to provide these packages

only as a courtesy to customers. Red Hat will not provide updates to the

Adobe Reader packages.

This update disables the Adobe Reader web browser plug-in, which is

available via the acroread-plugin package, to prevent the exploitation of

security issues without user interaction when a user visits a malicious web

page.

4. Solution:

Red Hat advises users to reconsider further use of Adobe Reader for Linux,

as it may contain known, unpatched security issues. Alternative PDF

rendering software, such as Evince and KPDF (part of the kdegraphics

package) in Red Hat Enterprise Linux 5, or Evince and Okular (part of the

kdegraphics package) in Red Hat Enterprise Linux 6, should be

considered. These packages will continue to receive security fixes.

Red Hat will no longer provide security updates to these packages and

recommends that customers not use this application on Red Hat Enterprise

Linux effective immediately.

5. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 5):

i386:

acroread-9.5.5-2.el5_10.i386.rpm

acroread-plugin-9.5.5-2.el5_10.i386.rpm

x86_64:

acroread-9.5.5-2.el5_10.i386.rpm

acroread-plugin-9.5.5-2.el5_10.i386.rpm

Red Hat Enterprise Linux Server Supplementary (v. 5):

i386:

acroread-9.5.5-2.el5_10.i386.rpm

acroread-plugin-9.5.5-2.el5_10.i386.rpm

x86_64:

acroread-9.5.5-2.el5_10.i386.rpm

acroread-plugin-9.5.5-2.el5_10.i386.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:

acroread-9.5.5-1.el6_4.1.i686.rpm