[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gpdf: remove? security hole open for this long?

severity 334454 serious 

To me, that patch as specified in 322467 is not applied, so from a
casual reading, it looks like the security hole is open.

At Sat, 22 Jul 2006 01:04:31 +0200,

Martin Michlmayr wrote:
> * Junichi Uekawa <dancer@netfort.gr.jp> [2006-07-21 23:49]:
> > I think having a security hole for more than a year is a reason to remove
> > gpdf. 
> > 
> > evince seems to be a replacement, gpdf is deprecated.
> It should imho get orphaned first.  BCCing the MIA people - what's up
> there anyway?  Hasn't mechanix been inactive for ages?
> Oh, gpdf was uploaded in March.  And it mentions some security fixes.
> Can someone check if those address #334454?

dancer@{debian.org,netfort.gr.jp}   Debian Project

Reply to: