On Mon, Mar 01, 2004 at 12:48:35PM +1100, Michael Lake wrote:
Steve Langasek wrote:
The Acrobat Reader software has serious security problems that Adobe has
expressed a lack of interest in correcting. It's recommended that you
use xpdf instead, and report any bugs to the very responsive maintainer.
Can you provide some links/refs or brief description of the security
problems? What are they? I understand that PostScript can contain virii
as its a full programming language but PDF is less that that. What can
it do thats nasty?
A little googling turned up this reference to the Irix security advisory
for the problem:
http://www.auscert.org.au/render.html?it=2311&cid=1
At the time, attempts to persuade Adobe to release a fixed version of
the software for Linux failed, and the license is sufficiently non-free
that we couldn't fix the problem locally at the time (and can't
distribute the software at all now, in any case).
There's also http://bugs.debian.org/137997, a bug about static linking
with a buggy zlib (which may have been fixed by Adobe since).
Regards,