Debian
tetex-bin package

  1. Bug #11419
  2. Comment #3

Comment 3 for bug 11419

Revision history for this message
In , Hilmar Preusse (hille42) wrote : Re: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125

On 23.12.04 Martin Pitt (<email address hidden>) wrote:

Hi,

> Recently CAN-2004-1125 has been discovered in xpdf. Since tetex-bin
> contains verbatim xpdf code (sigh), this package is affected as well.
>
Time got get a fix for #252104...

> You can get the Ubuntu security update patch from
>
> http://patches.ubuntu.com/patches/tetex-bin.CAN-2004-1125.diff
>
, which is not much more than
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch + the Debian/Ubuntu
specific stuff. The original report e.g. on
http://www.auscert.org.au/render.html?it=4651 .

Thanks for the report! Hmm, xpdf 1.0 contains exactly the same
vulnerable code. I guess there will be another tetex for stable soon.

Regards,
  Hilmar
--
sigmentation fault