Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Martin Schulze <joey@infodrom.org> wrote:
> Frank Küster wrote:
>> I'm currently preparing an upload of tetex-bin linked against libpoppler.
>
> I'm attaching the current patch against the version in sarge. Please
> let me know which version in sid fixes these problems.
None: Since the version in sid links against libpoppler, no changes need
to be made to it. We just need an up-to-date poppler - and according to
its changelog
poppler (0.4.3-2) unstable; urgency=high
[ Martin Pitt ]
* SECURITY UPDATE: Multiple integer/buffer overflows.
* Add debian/patches/003-CVE-2005-3624_5_7.patch:
[...]
* Add debian/patches/004-fix-CVE-2005-3192.patch:
[...]
poppler (0.4.3-1) unstable; urgency=high
* New upstream release.
* New maintainer (Closes: #344738)
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
it seems everything is okay there.
Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
Reply to: