Re: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125

To: debian-tetex-maint@lists.debian.org
Subject: Re: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
From: Frank Küster <frank@debian.org>
Date: Thu, 23 Dec 2004 16:47:44 +0100
Message-id: <[🔎] 87mzw5xbhb.fsf@alhambra.bioz.unibas.ch>
In-reply-to: <[🔎] 20041223125400.GA31076@box79162.elkhouse.de> (Martin Pitt's message of "Thu, 23 Dec 2004 13:54:00 +0100")
References: <[🔎] 20041223125400.GA31076@box79162.elkhouse.de>

Martin Pitt <mpitt@debian.org> schrieb:

> Package: tetex-bin
> Version: 2.0.2-23
> Severity: grave
> Tags: security patch
> Justification: user security hole
>
> Hi teTeX maintainers!
>
> Recently CAN-2004-1125 has been discovered in xpdf. Since tetex-bin
> contains verbatim xpdf code (sigh), this package is affected as well.

Thank you. Have you filed bugs against the other packages that are known
to use xpdf code, too? By the way, the idefense URL in your changelog
has been truncated; it needs a trailing "&type=vulnerabilities" to
work. 

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Reply to:

References:
- Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
  - From: Martin Pitt <mpitt@debian.org>

Prev by Date: CVS frank tetex-bin: close bug in changelog
Next by Date: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
Previous by thread: Bug#286984: tetex-bin in woody (was: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125)
Next by thread: Bug#286984: tetex-bin: Vulnerable to CAN-2004-1125
Index(es):
- Date
- Thread