Ubuntu
tetex-bin package

  1. Bug #11419
  2. Comment #6

Comment 6 for bug 11419

Revision history for this message
In , Martin Pitt (pitti) wrote : Re: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125

Hi Hilmar!

Hilmar Preusse [2004-12-23 15:37 +0100]:
> > You can get the Ubuntu security update patch from
> >
> > http://patches.ubuntu.com/patches/tetex-bin.CAN-2004-1125.diff
> >
> , which is not much more than
> ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch + the Debian/Ubuntu
> specific stuff.

Right; to the contrary, it is even a bit shorter than the original
patch. I included it more or less only for the sake of completeness
:-)

> The original report e.g. on
> http://www.auscert.org.au/render.html?it=4651 .
>
> Thanks for the report! Hmm, xpdf 1.0 contains exactly the same
> vulnerable code. I guess there will be another tetex for stable soon.

I did not look into that. If stable is affected, too, then can you
please keep track of the release tags?

Merry Christmas!

Martin

--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org