Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

To: Martin Schulze <joey@infodrom.org>
Cc: 342292@bugs.debian.org, Debian Security Team <team@security.debian.org>, Martin Pitt <mpitt@debian.org>, Florian Weimer <fw@deneb.enyo.de>
Subject: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
From: Frank Küster <frank@kuesterei.ch>
Date: Thu, 12 Jan 2006 10:43:05 +0100
Message-id: <[🔎] 86bqyh7pee.fsf@alhambra.kuesterei.ch>
Reply-to: Frank Küster <frank@kuesterei.ch>, 342292@bugs.debian.org
In-reply-to: <[🔎] 20060111195035.GA30330@finlandia.infodrom.north.de> (Martin Schulze's message of "Wed, 11 Jan 2006 20:50:35 +0100")
References: <20051206221518.7625.85542.reportbug@localhost.localdomain> <86lkyx8127.fsf@alhambra.kuesterei.ch> <20051209144703.GA21830@finlandia.infodrom.north.de> <86r78mjh4g.fsf@alhambra.kuesterei.ch> <20051209204508.GZ16502@finlandia.infodrom.north.de> <86irtvkedi.fsf@alhambra.kuesterei.ch> <20051212075239.GI16502@finlandia.infodrom.north.de> <86oe3kyl0w.fsf@alhambra.kuesterei.ch> <[🔎] 20060111195035.GA30330@finlandia.infodrom.north.de>

Martin Schulze <joey@infodrom.org> wrote:

> Frank Küster wrote:
>> I'm currently preparing an upload of tetex-bin linked against libpoppler.
>
> I'm attaching the current patch against the version in sarge.  Please
> let me know which version in sid fixes these problems.

None: Since the version in sid links against libpoppler, no changes need
to be made to it.  We just need an up-to-date poppler - and according to
its changelog

poppler (0.4.3-2) unstable; urgency=high

  [ Martin Pitt ]
  * SECURITY UPDATE: Multiple integer/buffer overflows.
  * Add debian/patches/003-CVE-2005-3624_5_7.patch:
[...]
  * Add debian/patches/004-fix-CVE-2005-3192.patch:
[...]
poppler (0.4.3-1) unstable; urgency=high

  * New upstream release.
  * New maintainer (Closes: #344738)
  * CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.

it seems everything is okay there.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Reply to:

References:
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Martin Schulze <joey@infodrom.org>

Prev by Date: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Next by Date: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Previous by thread: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Next by thread: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Index(es):
- Date
- Thread