Hi!

I'm currently preparing Ubuntu security updates for these issues, and
I noticed that the upstream provided patch is wrong. I sent the mail
below to upstream (and some others).

Can you please check that you indeed fixed (tetex-bin)/will fix
(poppler) DCTStream::readProgressiveSOF(), too?

Thanks,
Martin

----- Forwarded message from Martin Pitt <email address hidden> -----
From: Martin Pitt <email address hidden>
To: <email address hidden>, <email address hidden>, Dirk Mueller <email address hidden>
Subject: Re: [vendor-sec] xpdf update - patch wrong?
Mail-Followup-To: <email address hidden>, <email address hidden>,
	Dirk Mueller <email address hidden>
Date: Thu, 8 Dec 2005 11:20:37 +0100
X-Spam-Status: No, score=1.0 required=4.0 tests=AWL,BAYES_50,
	RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_SORBS_WEB autolearn=no version=3.0.3

Hi Derek, hi Dirk, hi Vendor-Sec!

Josh Bressers [2005-12-06 13:50 -0500]:
> In the event any of you missed this:
>
> http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
> http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities

It seems that the patch linked from these advisories [1] is a little
bit flawed: it checks numComps twice in DCTStream::readBaselineSOF(),
but does not check it in DCTStream::readProgressiveSOF().

It *seems* that KDE spotted and removed the double check in their
kdegraphics patch [2], but unless they removed
DCTStream::readProgressiveSOF() (which could very well be, I didn't
check yet), these patches now have the same flaw.

Thanks,
Martin
[1] ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch
[2] ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdegraphics-CAN-2005-3193.diff

-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?

----- End forwarded message -----
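The flaw Martin describes is a bounds check on the JPEG frame-header component count that was applied on one code path (baseline SOF) but not the other (progressive SOF). The following is an added illustration, not code from xpdf, poppler, tetex-bin or the patches linked above: a small standalone SOF-segment parser in which a single `read_sof()` routine serves both the SOF0 (baseline) and SOF2 (progressive) markers, so the `numComps` check cannot be present on one path and missing on the other. The structure and field names (`Frame`, `CompInfo`, `MAX_COMPS` = 4) are assumptions for this example; the sample segments are constructed by hand, not taken from any real file.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Assumed for this example: a fixed-size per-component table, as JPEG
 * decoders commonly keep. The bound is what the numComps check protects. */
#define MAX_COMPS 4

typedef struct {
    int id, hSample, vSample, quantTable;
} CompInfo;

typedef struct {
    int progressive;            /* 0 = SOF0 (baseline), 1 = SOF2 (progressive) */
    int width, height;
    int numComps;
    CompInfo compInfo[MAX_COMPS];
} Frame;

/* Parse an SOF payload (the bytes after the 2-byte segment length):
 *   P(1) Y(2) X(2) Nf(1) then Nf * (Ci(1), Hi/Vi(1), Tqi(1)).
 * Shared by both frame types so the bound check is applied exactly once.
 * Returns 0 on success, -1 on malformed input. */
static int read_sof(const uint8_t *buf, size_t len, int progressive, Frame *f)
{
    if (len < 6) return -1;
    f->progressive = progressive;
    /* buf[0] is the sample precision; not needed here */
    f->height   = (buf[1] << 8) | buf[2];
    f->width    = (buf[3] << 8) | buf[4];
    f->numComps = buf[5];
    /* The check that must cover BOTH paths: Nf is one byte, so a crafted
     * value up to 255 would otherwise walk past compInfo[MAX_COMPS]. */
    if (f->numComps <= 0 || f->numComps > MAX_COMPS) return -1;
    if (len < 6 + 3 * (size_t)f->numComps) return -1;
    for (int i = 0; i < f->numComps; i++) {
        const uint8_t *c = buf + 6 + 3 * i;
        f->compInfo[i].id         = c[0];
        f->compInfo[i].hSample    = c[1] >> 4;
        f->compInfo[i].vSample    = c[1] & 0x0f;
        f->compInfo[i].quantTable = c[2];
    }
    return 0;
}

/* Parse a whole segment: 0xFF, marker, Lf(2), payload. Dispatches on the
 * marker but routes both frame types through the same validated reader. */
int parse_sof_segment(const uint8_t *seg, size_t len, Frame *f)
{
    if (len < 4 || seg[0] != 0xFF) return -1;
    int marker = seg[1];
    size_t lf = (seg[2] << 8) | seg[3];
    if (lf < 2 || lf > len - 2) return -1;     /* Lf counts itself */
    int progressive;
    if (marker == 0xC0)      progressive = 0;
    else if (marker == 0xC2) progressive = 1;
    else return -1;                             /* other SOFn not modelled */
    return read_sof(seg + 4, lf - 2, progressive, f);
}

/* Convenience: numComps on success, -1 if the segment was rejected. */
int parse_numcomps(const uint8_t *seg, size_t len)
{
    Frame f;
    return parse_sof_segment(seg, len, &f) == 0 ? f.numComps : -1;
}

/* Constructed samples: 16x16 image, 3 components, 8-bit precision. */
static const uint8_t sof0_ok[] = {
    0xFF, 0xC0, 0x00, 0x11, 0x08, 0x00, 0x10, 0x00, 0x10, 0x03,
    0x01, 0x22, 0x00, 0x02, 0x11, 0x01, 0x03, 0x11, 0x01 };
static const uint8_t sof2_ok[] = {
    0xFF, 0xC2, 0x00, 0x11, 0x08, 0x00, 0x10, 0x00, 0x10, 0x03,
    0x01, 0x22, 0x00, 0x02, 0x11, 0x01, 0x03, 0x11, 0x01 };
/* Constructed: progressive frame claiming zero components. */
static const uint8_t sof2_zero[] = {
    0xFF, 0xC2, 0x00, 0x08, 0x08, 0x00, 0x10, 0x00, 0x10, 0x00 };

/* Constructed hostile input: a progressive SOF whose Nf byte is 255 and
 * whose Lf is large enough to carry 255 component entries. A decoder that
 * checked Nf only on the baseline path would accept this and write 255
 * entries into a 4-entry table. Returns the parser's verdict (-1 = rejected). */
int demo_hostile_progressive(void)
{
    uint8_t seg[2 + 2 + 6 + 3 * 255];
    memset(seg, 0, sizeof seg);
    seg[0] = 0xFF; seg[1] = 0xC2;
    size_t lf = sizeof seg - 2;
    seg[2] = (uint8_t)(lf >> 8); seg[3] = (uint8_t)(lf & 0xFF);
    seg[4] = 8; seg[6] = 0x10; seg[8] = 0x10;
    seg[9] = 0xFF;                              /* Nf = 255 */
    Frame f;
    return parse_sof_segment(seg, sizeof seg, &f);
}

int main(void)
{
    printf("SOF0 ok:   numComps=%d\n", parse_numcomps(sof0_ok, sizeof sof0_ok));
    printf("SOF2 ok:   numComps=%d\n", parse_numcomps(sof2_ok, sizeof sof2_ok));
    printf("SOF2 Nf=0: %d\n", parse_numcomps(sof2_zero, sizeof sof2_zero));
    printf("SOF2 Nf=255: %d\n", demo_hostile_progressive());
    return 0;
}
```

When reviewing a fix like the one discussed in the mail, the thing to verify is not that the check exists somewhere, but that every reader of the Nf byte reaches it; sharing one validated reader between the baseline and progressive entry points, as above, makes that property visible in the code rather than something to audit per function.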