[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Processing of texlive-bin_2007-14+lenny1_i386.changes

Hi Ralf!

On So, 09 Dez 2007, Ralf Stubner wrote:
> I wondered, too. Then I found
> <URL:http://packages.qa.debian.org/t/texlive-bin/news/20071208T233215Z.html> 
> containing:
> 
>  texlive-bin (2007-14+lenny1) testing-security; urgency=high
>  .
>    * Non-maintainer upload by the security team
>    * Fix stack based buffer overflow in hpc.c to prevent user-assisted
>      attackers to execute arbitrary code via a DVI file with a long href
>      tag
>      Fixes: CVE-2007-5935

Thanks for finding that. I checked, it is nothing else than the patch
	hps-segfault-fix
we already have in .dfsg.1-1, it was only uploaded because we are
waiting for libpoppler to enter testing ...

> I have no idea why this was sent to
> debian-testing-changes@lists.debian.org but not to the maitainer
> address. 

That surprises me, too!

Best wishes

Norbert

-------------------------------------------------------------------------------
Dr. Norbert Preining <preining@logic.at>        Vienna University of Technology
Debian Developer <preining@debian.org>                         Debian TeX Group
gpg DSA: 0x09C5B094      fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
PIMLICO (n.)
Small odd-shaped piece of plastic or curious metal component found in
the bottom of kitchen rummage-drawer when spring-cleaning or looking
for Sellotape.
			--- Douglas Adams, The Meaning of Liff
Reply to: