Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125

To: 286984@bugs.debian.org
Subject: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
From: Frank Küster <frank@debian.org>
Date: Thu, 23 Dec 2004 17:09:29 +0100
Message-id: <[🔎] 87ekhhxah2.fsf@alhambra.bioz.unibas.ch>
Reply-to: Frank Küster <frank@debian.org>, 286984@bugs.debian.org
In-reply-to: <[🔎] 20041223143700.GA1900@preusse> (Hilmar Preusse's message of "Thu, 23 Dec 2004 15:37:00 +0100")
References: <[🔎] 20041223125400.GA31076@box79162.elkhouse.de> <[🔎] 20041223143700.GA1900@preusse>

Hilmar Preusse <hille42@web.de> schrieb:

> Thanks for the report! Hmm, xpdf 1.0 contains exactly the same
> vulnerable code. 

I must be blind (or you looked at something different: I looked at the
code in tetex-bin_1.0.7+20011202-7.3, which does not contain xpdf-1.0,
but 0.92). I couldn't find it in these sources; the vulnerable part after

    // get the mask

is missing.

TIA, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Reply to:

Follow-Ups:
- Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
  - From: Hilmar Preusse <hille42@web.de>

References:
- Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
  - From: Martin Pitt <mpitt@debian.org>
- Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
  - From: Hilmar Preusse <hille42@web.de>

Prev by Date: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
Next by Date: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
Previous by thread: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
Next by thread: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
Index(es):
- Date
- Thread