Ubuntu
tetex-bin package

  1. Bug #26650
  2. Comment #72

Comment 72 for bug 26650

Revision history for this message
In , Frank Küster (frank-debian) wrote : Re: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

Martin Schulze <email address hidden> wrote:

>> Am I correct that the other issues that Florian found are not addressed
>> by any patch yet, and have not yet been widely published? Should I
>> delay an upload to sid until this can be fixed, too?
>
> Which issues? *phear*

Florian said that the new function gmallocn (used in xpdf >= 3.01 and
derivatives, but not in tetex-bin) isn't save, either.

I'm currently preparing an upload of tetex-bin linked against libpoppler.

Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer