Comment 79 for bug 26650

Message-ID: <email address hidden>
Date: Thu, 12 Jan 2006 10:43:05 +0100
From: =?iso-8859-1?q?Frank_K=FCster?= <email address hidden>
To: Martin Schulze <email address hidden>
Cc: <email address hidden>, Debian Security Team <email address hidden>,
 Martin Pitt <email address hidden>, Florian Weimer <email address hidden>
Subject: Re: Bug#342292: tetex-bin: Multiple exploitable heap overflows in
 embedded xpdf copy

Martin Schulze <email address hidden> wrote:

> Frank K=FCster wrote:
>> I'm currently preparing an upload of tetex-bin linked against libpoppler.
>
> I'm attaching the current patch against the version in sarge. Please
> let me know which version in sid fixes these problems.

None: Since the version in sid links against libpoppler, no changes need
to be made to it. We just need an up-to-date poppler - and according to
its changelog

poppler (0.4.3-2) unstable; urgency=3Dhigh

  [ Martin Pitt ]
  * SECURITY UPDATE: Multiple integer/buffer overflows.
  * Add debian/patches/003-CVE-2005-3624_5_7.patch:
[...]
  * Add debian/patches/004-fix-CVE-2005-3192.patch:
[...]
poppler (0.4.3-1) unstable; urgency=3Dhigh

  * New upstream release.
  * New maintainer (Closes: #344738)
  * CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.

it seems everything is okay there.

Regards, Frank
--=20
Frank K=FCster
Inst. f. Biochemie der Univ. Z=FCrich
Debian Developer