Accepted xpdf 3.02-1.3~bpo40+1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 17 Nov 2007 12:12:13 +0000
Source: xpdf
Binary: xpdf-utils xpdf xpdf-reader xpdf-common
Architecture: source i386 all
Version: 3.02-1.3~bpo40+1
Distribution: etch-backports
Urgency: high
Maintainer: Hamish Moffatt <hamish@debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
xpdf - Portable Document Format (PDF) suite
xpdf-common - Portable Document Format (PDF) suite -- common files
xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11
xpdf-utils - Portable Document Format (PDF) suite -- utilities
Closes: 450629
Changes:
xpdf (3.02-1.3~bpo40+1) etch-backports; urgency=low
.
* rebuilt for backports.org
.
xpdf (3.02-1.3) unstable; urgency=high
.
* Non-maintainer upload by testing security team.
* Included fix-CVE-2007-5393_2007-5392_2007-4352.dpatch to address the
following security issues (Closes: #450629)
- CVE-2007-5393 buffer overflow in the CCITTFaxStream::lookChar leading
to arbitrary code execution via a crafted pdf file.
- CVE-2007-5392 integer overflow in the DCTStream::reset resulting in a
heap based buffer overflow allows code execution.
- CVE-2007-4352 array index error in DCTStream::readProgressiveDataUnit
leads to memory corruption and possibly arbitrary code execution.
Files:
e6b50ca81055dce793104795217b91b3 888 text optional xpdf_3.02-1.3~bpo40+1.dsc
227407b660a1b4eef383c64b7cc3d652 37163 text optional xpdf_3.02-1.3~bpo40+1.diff.gz
0d7660998d6134ddb4dfb88a90c5595b 1272 text optional xpdf_3.02-1.3~bpo40+1_all.deb
4cdf79d029653812fae604f04b38a71a 65606 text optional xpdf-common_3.02-1.3~bpo40+1_all.deb
7350163f482734022b381496e3b15e1f 888000 text optional xpdf-reader_3.02-1.3~bpo40+1_i386.deb
2c30f2b5761149bb566b791396f4fcb0 1634282 text optional xpdf-utils_3.02-1.3~bpo40+1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHPulLHTOcZYuNdmMRAua/AJ0UwvGIiFnDpbyHXewl6WtVMmIgzQCgnEa/
KpDml/gRtsaDM+w6M0C/HYg=
=ArTS
-----END PGP SIGNATURE-----
Accepted:
xpdf-common_3.02-1.3~bpo40+1_all.deb
to pool/main/x/xpdf/xpdf-common_3.02-1.3~bpo40+1_all.deb
xpdf-reader_3.02-1.3~bpo40+1_i386.deb
to pool/main/x/xpdf/xpdf-reader_3.02-1.3~bpo40+1_i386.deb
xpdf-utils_3.02-1.3~bpo40+1_i386.deb
to pool/main/x/xpdf/xpdf-utils_3.02-1.3~bpo40+1_i386.deb
xpdf_3.02-1.3~bpo40+1.diff.gz
to pool/main/x/xpdf/xpdf_3.02-1.3~bpo40+1.diff.gz
xpdf_3.02-1.3~bpo40+1.dsc
to pool/main/x/xpdf/xpdf_3.02-1.3~bpo40+1.dsc
xpdf_3.02-1.3~bpo40+1_all.deb
to pool/main/x/xpdf/xpdf_3.02-1.3~bpo40+1_all.deb
Reply to: