Comment 10 for bug 26650

Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Thu, 8 Dec 2005 12:21:57 +0100
From: Martin Pitt <email address hidden>
To: <email address hidden>, <email address hidden>
Subject: Fwd: Re: [vendor-sec] xpdf update - patch wrong?

Hi!

I'm currently preparing Ubuntu security updates for these issues, and
I noticed that the upstream provided patch is wrong. I sent the mail
below to upstream (and some others).

Can you please check that you indeed fixed (tetex-bin)/will fix
(poppler) DCTStream::readProgressiveSOF(), too?

Thanks,

Martin

----- Forwarded message from Martin Pitt <email address hidden> -----

From: Martin Pitt <email address hidden>
To: <email address hidden>, <email address hidden>, Dirk Mueller <email address hidden>
Subject: Re: [vendor-sec] xpdf update - patch wrong?
Mail-Followup-To: <email address hidden>, <email address hidden>,
 Dirk Mueller <email address hidden>
Date: Thu, 8 Dec 2005 11:20:37 +0100

Hi Derek, hi Dirk, hi Vendor-Sec!

Josh Bressers [2005-12-06 13:50 -0500]:
> In the event any of you missed this:
>
> http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
> http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities

It seems that the patch linked from these advisories [1] is a little
bit flawed: it checks numComps twice in DCTStream::readBaselineSOF(),
but does not check it in DCTStream::readProgressiveSOF().

It *seems* that KDE spotted and removed the double check in their
kdegraphics patch [2], but unless they removed
DCTStream::readProgressiveSOF() (which could very well be, I didn't
check yet), these patches now have the same flaw.

Thanks,

Martin

[1] ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch
[2] ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdegraphics-CAN-2005-3193.diff

-- 
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntu.com
Debian Developer http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?

----- End forwarded message -----
