Bug#355122: missing hunk in latest security patch?
Tags: woody security
This is a spin off from #346086. The bug is fixed in teTeX
2.0.2-30sarge4. Further the bug is fixed in the woody version except
the last hunk, which seems to be missing.
I've asked the submitter if one really needs that hunk and got the
answer that the missing hunk could make xpdf hang. He further said:
"This is precisely the fix that is required to avoid endless loops
with prematurely ending PDF files (CVE-2005-3625). So it is not
exploitable to execute any code or something, but it's still a nasty
DoS, particularly in Cups."
Please check if one really needs it in the xpdf version of woody
(1.0) and if yes apply it.
For further informations please refer to the bug quoted above.