Comment 67 for bug 26650

Message-ID: <email address hidden>
Date: Mon, 12 Dec 2005 09:01:15 +0100
From: =?iso-8859-1?q?Frank_K=FCster?= <email address hidden>
To: Martin Pitt <email address hidden>
Cc: Martin Schulze <email address hidden>, <email address hidden>,
 Debian Security Team <email address hidden>, Florian Weimer <email address hidden>
Subject: Re: Bug#342292: tetex-bin: Multiple exploitable heap overflows in
 embedded xpdf copy

Martin Pitt <email address hidden> wrote:

> Frank K=FCster [2005-12-11 13:27 +0100]:
>
>> Am I correct that the other issues that Florian found are not addressed
>> by any patch yet, and have not yet been widely published? Should I
>> delay an upload to sid until this can be fixed, too?
>
> Hm, I'm not aware of any additional issues. Florian raised and
> explained why 'p =3D f1*f2; if (p/f1 !=3D f2)' is flawed, so I updated the
> patch to not use it any more. Are there any additional issues I
> missed?

He said that the function gmallocn is flawed; but you're right, this
does not affect tetex-bin (yet), only xpdf.

Regards, Frank
--=20
Frank K=FCster
Inst. f. Biochemie der Univ. Z=FCrich
Debian Developer