On 23.12.04 Martin Pitt (<email address hidden>) wrote:
Hi,
> Recently CAN-2004-1125 has been discovered in xpdf. Since tetex-bin > contains verbatim xpdf code (sigh), this package is affected as well. > Time got get a fix for #252104...
> You can get the Ubuntu security update patch from > > http://patches.ubuntu.com/patches/tetex-bin.CAN-2004-1125.diff > , which is not much more than ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch + the Debian/Ubuntu specific stuff. The original report e.g. on http://www.auscert.org.au/render.html?it=4651 .
Thanks for the report! Hmm, xpdf 1.0 contains exactly the same vulnerable code. I guess there will be another tetex for stable soon.
Regards, Hilmar -- sigmentation fault
On 23.12.04 Martin Pitt (<email address hidden>) wrote:
Hi,
> Recently CAN-2004-1125 has been discovered in xpdf. Since tetex-bin
> contains verbatim xpdf code (sigh), this package is affected as well.
>
Time got get a fix for #252104...
> You can get the Ubuntu security update patch from patches. ubuntu. com/patches/ tetex-bin. CAN-2004- 1125.diff foolabs. com/pub/ xpdf/xpdf- 3.00pl2. patch + the Debian/Ubuntu www.auscert. org.au/ render. html?it= 4651 .
>
> http://
>
, which is not much more than
ftp://ftp.
specific stuff. The original report e.g. on
http://
Thanks for the report! Hmm, xpdf 1.0 contains exactly the same
vulnerable code. I guess there will be another tetex for stable soon.
Regards,
Hilmar
--
sigmentation fault