Re: Processing of texlive-bin_2007-14+lenny1_i386.changes
Hi Ralf!
On So, 09 Dez 2007, Ralf Stubner wrote:
> I wondered, too. Then I found
> <URL:http://packages.qa.debian.org/t/texlive-bin/news/20071208T233215Z.html>
> containing:
>
> texlive-bin (2007-14+lenny1) testing-security; urgency=high
> .
> * Non-maintainer upload by the security team
> * Fix stack based buffer overflow in hpc.c to prevent user-assisted
> attackers to execute arbitrary code via a DVI file with a long href
> tag
> Fixes: CVE-2007-5935
Thanks for finding that. I checked, it is nothing else than the patch
hps-segfault-fix
we already have in .dfsg.1-1, it was only uploaded because we are
waiting for libpoppler to enter testing ...
> I have no idea why this was sent to
> debian-testing-changes@lists.debian.org but not to the maitainer
> address.
That surprises me, too!
Best wishes
Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining <preining@logic.at> Vienna University of Technology
Debian Developer <preining@debian.org> Debian TeX Group
gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
PIMLICO (n.)
Small odd-shaped piece of plastic or curious metal component found in
the bottom of kitchen rummage-drawer when spring-cleaning or looking
for Sellotape.
--- Douglas Adams, The Meaning of Liff
Reply to: