tetex-bin: New integer overflows in xpdf copy [CVE-2005-3624, CVE-2005-3625, CVE-2005-3627]
Bug #28034 reported by
Debian Bug Importer
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| tetex-bin (Debian) |
Fix Released
|
Unknown
|
|||
| tetex-bin (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Bug Description
Automatically imported from Debian bug report #346086 http://
Revision history for this message
| Debian Bug Importer (debzilla) wrote | #1 |
Revision history for this message
| Martin Pitt (pitti) wrote | #2 |
Revision history for this message
| Martin Pitt (pitti) wrote | #3 |
| Changed in tetex-bin: | |
| status: | Unconfirmed → Fix Released |
To post a comment you must log in.
Message-ID: <email address hidden>
Date: Thu, 5 Jan 2006 15:14:26 +0100
From: Martin Pitt <email address hidden>
To: Debian BTS Submit <email address hidden>
Cc: <email address hidden>
Subject: tetex-bin: New integer overflows in xpdf copy [CVE-2005-3624, CVE-2005-3625, CVE-2005-3627]
--H4SyuGOnfnj3aJqJ
Content-Type: text/plain; charset=us-ascii
Content-
Content-
Package: tetex-bin
Version: 2.0.2-30
Severity: critical
Tags: security patch
Hi!
Chris Evans found some more integer overflows in the xpdf code [1] which af=
fect
tetex-bin as well. [1] also has demo exploit PDFs for patch checking.
See [2] for the Ubuntu debdiff.=20
This only affects sarge (and woody); luckily sid is finally cured
forever due to poppler, so please mark this bug as fixed in sid.
Thanks,
Martin
[1] http://
[2] http://
--=20
Martin Pitt http://
Ubuntu Developer http://
Debian Developer http://
In a world without walls and fences, who needs Windows and Gates?
--H4SyuGOnfnj3aJqJ
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDvSnCDec
GZ9uTjQ3A0XL7IV
=sPGr
-----END PGP SIGNATURE-----
--H4SyuGOnfnj3a