Comment 17 for bug 11419

In , Frank Küster (frank-debian) wrote : Re: Bug#286984: marked as done (tetex-bin: Vulnerable to CAN-2004-1125)

reopen 286984
tags 286984 sarge
stop

> * SECURITY UPDATE:
> - Added debian/patches/patch-CAN-2004-1125 to fix a buffer overflow in
> PDF reading code that was taken from xpdf (closes: #286984). Thanks to
> Martin Pitt <email address hidden>, see
> http://www.idefense.com/application/poi/display?id=172 [frank]
> - Fixed insecure tempfile creation, thanks to Javier
> Fernández-Sanguino Peña <email address hidden> (closes: #286370) [frank]

I'm going to keep this open until this upload has entered sarge, just as
Adrian has suggested (and did) with CAN-2004-0888.

Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer