The kdegraphics packages contain applications for the K Desktop Environment, including KPDF, a viewer for Portable Document Format files. An uninitialized pointer use flaw was discovered in KPDF. An attacker could create a malicious PDF file that, when opened, would cause KPDF to crash or, potentially, execute arbitrary code. An array index error was found in the way KPDF parsed PostScript Type 1 fonts embedded in PDF documents. An attacker could create a malicious PDF file that, when opened, would cause KPDF to crash or, potentially, execute arbitrary code. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.