Comment 10 for bug 14171

Message-ID: <email address hidden>
Date: Sat, 19 Mar 2005 20:46:17 +0100
From: =?iso-8859-1?q?Frank_K=FCster?= <email address hidden>
To: Joey Hess <email address hidden>
Cc: <email address hidden>, Hilmar Preusse <email address hidden>
Subject: Re: Bug#300182: tetex-bin still vulnerable to CAN-2004-0888
 (CAN-2005-0206)

Joey Hess <email address hidden> schrieb:

> Hilmar Preusse wrote:
>> As recently discovered the patch, which fixed CAN-2004-0888, seems to
>> be broken on all 64bit platforms (tested only on ia64 though).[1]
>
> Note that CAN-2005-0206 has been assigned for this issue.
>
> BTW, since you were able to track this one down, do you have any info
> about the other packages (cupsys, xpdf, etc) that also has
> CAN-2004-0888? Do they also need fixes, and do you have a patch for
> them?

Did you read my analysis I sent to the bug address? I think we are not
vulnerably, but I am not sure; I'd be glad if somebody else looked over
it and agreed with me...

Regards, Frank
--=20
Frank K=FCster
Inst. f. Biochemie der Univ. Z=FCrich
Debian Developer