On Mon, Mar 01, 2004 at 12:48:35PM +1100, Michael Lake wrote: > Steve Langasek wrote: > >The Acrobat Reader software has serious security problems that Adobe has > >expressed a lack of interest in correcting. It's recommended that you > >use xpdf instead, and report any bugs to the very responsive maintainer. > Can you provide some links/refs or brief description of the security > problems? What are they? I understand that PostScript can contain virii > as its a full programming language but PDF is less that that. What can > it do thats nasty? A little googling turned up this reference to the Irix security advisory for the problem: http://www.auscert.org.au/render.html?it=2311&cid=1 At the time, attempts to persuade Adobe to release a fixed version of the software for Linux failed, and the license is sufficiently non-free that we couldn't fix the problem locally at the time (and can't distribute the software at all now, in any case). There's also http://bugs.debian.org/137997, a bug about static linking with a buggy zlib (which may have been fixed by Adobe since). Regards, -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature