Accepted xpdf 3.02-1.3 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 09 Nov 2007 09:22:19 +0100
Source: xpdf
Binary: xpdf-utils xpdf xpdf-reader xpdf-common
Architecture: source i386 all
Version: 3.02-1.3
Distribution: unstable
Urgency: high
Maintainer: Hamish Moffatt <hamish@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
xpdf - Portable Document Format (PDF) suite
xpdf-common - Portable Document Format (PDF) suite -- common files
xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11
xpdf-utils - Portable Document Format (PDF) suite -- utilities
Closes: 450629
Changes:
xpdf (3.02-1.3) unstable; urgency=high
.
* Non-maintainer upload by testing security team.
* Included fix-CVE-2007-5393_2007-5392_2007-4352.dpatch to address the
following security issues (Closes: #450629)
- CVE-2007-5393 buffer overflow in the CCITTFaxStream::lookChar leading
to arbitrary code execution via a crafted pdf file.
- CVE-2007-5392 integer overflow in the DCTStream::reset resulting in a
heap based buffer overflow allows code execution.
- CVE-2007-4352 array index error in DCTStream::readProgressiveDataUnit
leads to memory corruption and possibly arbitrary code execution.
Files:
04630760081b60af98ab4f477607d362 872 text optional xpdf_3.02-1.3.dsc
424a2ae72f005f718c25fedee9f8b4f3 37396 text optional xpdf_3.02-1.3.diff.gz
353fa4f41c1663c4216d6874557abf6a 1262 text optional xpdf_3.02-1.3_all.deb
fdde4ea9fb5e8d3c87531f21007a6ef6 66486 text optional xpdf-common_3.02-1.3_all.deb
309a74068b4ce18ca2aebd8d291234ef 862622 text optional xpdf-reader_3.02-1.3_i386.deb
1220159d03ad9debf972e0f3ba6c3102 1585026 text optional xpdf-utils_3.02-1.3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHNt3+HYflSXNkfP8RAkCUAJ4zwH0Sf95NUhTWoHG6s/SlUNs1XACfa1I4
Mrtri9zm+D6+aG7JPyNgm/0=
=3QPW
-----END PGP SIGNATURE-----
Accepted:
xpdf-common_3.02-1.3_all.deb
to pool/main/x/xpdf/xpdf-common_3.02-1.3_all.deb
xpdf-reader_3.02-1.3_i386.deb
to pool/main/x/xpdf/xpdf-reader_3.02-1.3_i386.deb
xpdf-utils_3.02-1.3_i386.deb
to pool/main/x/xpdf/xpdf-utils_3.02-1.3_i386.deb
xpdf_3.02-1.3.diff.gz
to pool/main/x/xpdf/xpdf_3.02-1.3.diff.gz
xpdf_3.02-1.3.dsc
to pool/main/x/xpdf/xpdf_3.02-1.3.dsc
xpdf_3.02-1.3_all.deb
to pool/main/x/xpdf/xpdf_3.02-1.3_all.deb
Reply to: