Ubuntu
tetex-bin package

[CAN-2005-0064] iDEFENSE Security Advisory 01.18.05 (xpdf)

Bug #12044 reported by Debian Bug Importer
4
Affects Status Importance Assigned to Milestone
tetex-bin (Debian)
Fix Released
Unknown
tetex-bin (Ubuntu)
Fix Released
High
Martin Pitt

Bug Description

Automatically imported from Debian bug report #291179 http://bugs.debian.org/291179

See original description

CVE References

Revision history for this message
In , Hilmar Preusse (hille42) wrote : Re: Bug#291179: [CAN-2005-0064] iDEFENSE Security Advisory 01.18.05 (xpdf)

On 19.01.05 Hilmar Preusse (<email address hidden>) wrote:

> seems to be another overflow in the xpdf library.
>
> http://www.securityfocus.com/archive/1/387583
>
Sorry, I didn't read the changelog of -26 before reporting!
Closing.

> patch available at the vendor site:
>
> ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch
>
> Yet I didn't have the time, if woody is affected too.
>
not affected.

Thanks,
  Hilmar
--
sigmentation fault

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #291179 http://bugs.debian.org/291179

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <20050119090646.GA2092@preusse>
Date: Wed, 19 Jan 2005 10:06:46 +0100
From: Hilmar Preusse <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: [CAN-2005-0064] iDEFENSE Security Advisory 01.18.05 (xpdf)

--azLHFNyN32YCQGCU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Package: tetex-bin
Version: 2.0.2-26
Severity: grave
Tags: security patch

Hi,

seems to be another overflow in the xpdf library.

  http://www.securityfocus.com/archive/1/387583

patch available at the vendor site:

  ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch

Yet I didn't have the time, if woody is affected too.

Regards,
  Hilmar
--=20
sigmentation fault

--azLHFNyN32YCQGCU
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (Cygwin)

iQB1AwUBQe4jJTwKFtukZhFxAQK9QQMAgBtLlt9AIEJDD1jviRehgi0NGHSo35sD
+pRrNQqNENFF0ZwZD1yBVsVEdGUG2uWYSbnCePH42Bkm+OQ/Ncr0LFqbJ3DKuedD
LO6mPcK683MFNpx/ERh/vDMWiJO+g+jU
=vYyo
-----END PGP SIGNATURE-----

--azLHFNyN32YCQGCU--

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <20050119093719.GA1828@preusse>
Date: Wed, 19 Jan 2005 10:37:19 +0100
From: Hilmar Preusse <email address hidden>
To: <email address hidden>
Subject: Re: Bug#291179: [CAN-2005-0064] iDEFENSE Security Advisory 01.18.05 (xpdf)

On 19.01.05 Hilmar Preusse (<email address hidden>) wrote:

> seems to be another overflow in the xpdf library.
>
> http://www.securityfocus.com/archive/1/387583
>
Sorry, I didn't read the changelog of -26 before reporting!
Closing.

> patch available at the vendor site:
>
> ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch
>
> Yet I didn't have the time, if woody is affected too.
>
not affected.

Thanks,
  Hilmar
--
sigmentation fault

Revision history for this message
Martin Pitt (pitti) wrote :

Already fixed in Warty (USN-64-1) and Hoary (3.00-11ubuntu2).

Bug Watch Updater (bug-watch-updater)
Changed in tetex-bin:
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.