Message-ID: <email address hidden>
Date: Thu, 12 Jan 2006 10:43:05 +0100
From: =?iso-8859-1?q?Frank_K=FCster?= <email address hidden>
To: Martin Schulze <email address hidden>
Cc: <email address hidden>, Debian Security Team <email address hidden>,
Martin Pitt <email address hidden>, Florian Weimer <email address hidden>
Subject: Re: Bug#342292: tetex-bin: Multiple exploitable heap overflows in
embedded xpdf copy
Martin Schulze <email address hidden> wrote:
> Frank K=FCster wrote:
>> I'm currently preparing an upload of tetex-bin linked against libpoppler.
>
> I'm attaching the current patch against the version in sarge. Please
> let me know which version in sid fixes these problems.
None: Since the version in sid links against libpoppler, no changes need
to be made to it. We just need an up-to-date poppler - and according to
its changelog
Message-ID: <email address hidden> 1?q?Frank_ K=FCster? = <email address hidden>
Date: Thu, 12 Jan 2006 10:43:05 +0100
From: =?iso-8859-
To: Martin Schulze <email address hidden>
Cc: <email address hidden>, Debian Security Team <email address hidden>,
Martin Pitt <email address hidden>, Florian Weimer <email address hidden>
Subject: Re: Bug#342292: tetex-bin: Multiple exploitable heap overflows in
embedded xpdf copy
Martin Schulze <email address hidden> wrote:
> Frank K=FCster wrote:
>> I'm currently preparing an upload of tetex-bin linked against libpoppler.
>
> I'm attaching the current patch against the version in sarge. Please
> let me know which version in sid fixes these problems.
None: Since the version in sid links against libpoppler, no changes need
to be made to it. We just need an up-to-date poppler - and according to
its changelog
poppler (0.4.3-2) unstable; urgency=3Dhigh
[ Martin Pitt ] patches/ 003-CVE- 2005-3624_ 5_7.patch: patches/ 004-fix- CVE-2005- 3192.patch:
* SECURITY UPDATE: Multiple integer/buffer overflows.
* Add debian/
[...]
* Add debian/
[...]
poppler (0.4.3-1) unstable; urgency=3Dhigh
* New upstream release.
* New maintainer (Closes: #344738)
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
it seems everything is okay there.
Regards, Frank
--=20
Frank K=FCster
Inst. f. Biochemie der Univ. Z=FCrich
Debian Developer