Accepted xpdf 3.02-1.4+lenny2 (source all i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 22 Mar 2010 17:07:50 -0300
Source: xpdf
Binary: xpdf xpdf-common xpdf-reader xpdf-utils
Architecture: source all i386
Version: 3.02-1.4+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Hamish Moffatt <hamish@debian.org>
Changed-By: Luciano Bello <luciano@debian.org>
Description:
xpdf - Portable Document Format (PDF) suite
xpdf-common - Portable Document Format (PDF) suite -- common files
xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11
xpdf-utils - Portable Document Format (PDF) suite -- utilities
Closes: 551287
Changes:
xpdf (3.02-1.4+lenny2) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fixes multiple security issues (Closes: #551287):
- CVE-2009-1188 and CVE-2009-3603:
Integer overflow in SplashBitmap::SplashBitmap which might allow remote
attackers to execute arbitrary code or an application crash via a crafted
PDF document.
- CVE-2009-3604:
NULL pointer dereference or heap-based buffer overflow in
Splash::drawImage which might allow remote attackers to cause a denial of
service (application crash) or possibly execute arbitrary code via a
crafted PDF document.
- CVE-2009-3606:
Integer overflow in the PSOutputDev::doImageL1Sep which might allow
remote attackers to execute arbitrary code via a crafted PDF document.
- CVE-2009-3608:
Integer overflow in the ObjectStream::ObjectStream which might allow
remote attackers to execute arbitrary code via a crafted PDF document.
- CVE-2009-3609:
Integer overflow in the ImageStream::ImageStream which might allow
remote attackers to cause a denial of service via a crafted PDF
document.
Checksums-Sha1:
23f1907d3f4d2ca0dbecda240917c7243711bd11 1274 xpdf_3.02-1.4+lenny2.dsc
d5968e5a0e8143bffafc42268303e90f7d7fed69 44597 xpdf_3.02-1.4+lenny2.diff.gz
412b9ac40836deab02e1de28a5601417bc0c7415 1270 xpdf_3.02-1.4+lenny2_all.deb
23ea3b75125c0885f774c22972f12b53137412eb 66414 xpdf-common_3.02-1.4+lenny2_all.deb
48de8a31c12d92c8e0ff4484a98895eac383b93d 876446 xpdf-reader_3.02-1.4+lenny2_i386.deb
a220195f12ec2be7cc0cbafbbea6a1235f6f4700 1611516 xpdf-utils_3.02-1.4+lenny2_i386.deb
Checksums-Sha256:
ab9f38563ad8dd6d1c5a06cd7aeea07184eddc33be6a5ac26e9ea33253092add 1274 xpdf_3.02-1.4+lenny2.dsc
4f08f07b26625f3952583455bc7d286b14aa887e853c5273a6b712ddc3a0f929 44597 xpdf_3.02-1.4+lenny2.diff.gz
e21ab043f15ce40b35d48ea8dd3152db735277b0c50953d6edefe35113c61a08 1270 xpdf_3.02-1.4+lenny2_all.deb
2b5b45ecacef62cdf7eb9f3bdcf3eae0c036b5fb8d9066b398a64e4f4a968e1b 66414 xpdf-common_3.02-1.4+lenny2_all.deb
532a0f4cf6622a7a19f3035ff609385663e39f8b134eb19cbe55ab4b3a94fa3c 876446 xpdf-reader_3.02-1.4+lenny2_i386.deb
33c01a2f9a31899330a4b3d2356f520dd97f692fa9085abce940aad6060f1c09 1611516 xpdf-utils_3.02-1.4+lenny2_i386.deb
Files:
6cffe3ed50825b5a2746b71c4bd073ac 1274 text optional xpdf_3.02-1.4+lenny2.dsc
d25be5fd97c9d9171db95025b7c32c5a 44597 text optional xpdf_3.02-1.4+lenny2.diff.gz
6a4da9738ca93522b57cafadb598ca65 1270 text optional xpdf_3.02-1.4+lenny2_all.deb
24f28ede9dcaeeb2b7aa24b9603496be 66414 text optional xpdf-common_3.02-1.4+lenny2_all.deb
c6e9ebb6d5873552e886e33d92aa4f49 876446 text optional xpdf-reader_3.02-1.4+lenny2_i386.deb
c73e47d9c96298940bd458c7e8879209 1611516 text optional xpdf-utils_3.02-1.4+lenny2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkuuXw0ACgkQQWTRs4lLtHnqPwCgrAN8UTzSMIsHZghcri/vMcvE
CVYAoLigcS8qK2KiBK8mQW2tuB0GUhBt
=PxvG
-----END PGP SIGNATURE-----
Accepted:
xpdf-common_3.02-1.4+lenny2_all.deb
to main/x/xpdf/xpdf-common_3.02-1.4+lenny2_all.deb
xpdf-reader_3.02-1.4+lenny2_i386.deb
to main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_i386.deb
xpdf-utils_3.02-1.4+lenny2_i386.deb
to main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_i386.deb
xpdf_3.02-1.4+lenny2.diff.gz
to main/x/xpdf/xpdf_3.02-1.4+lenny2.diff.gz
xpdf_3.02-1.4+lenny2.dsc
to main/x/xpdf/xpdf_3.02-1.4+lenny2.dsc
xpdf_3.02-1.4+lenny2_all.deb
to main/x/xpdf/xpdf_3.02-1.4+lenny2_all.deb
Reply to: