Re: [SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution
Am Donnerstag, den 25.11.2004, 15:48 +0100 schrieb Martin Schulze:
> For the unstable distribution (sid) these problems have been fixed in
> version 2.0.2-23.
It seems that this currently has not been fixed in the mentioned
version.
After reviewing differences between 2.0.2-14.1 (Adamantix Package, based
on 2.0.2-14 Debian Package) and 2.0.2-23 I find:
diff -uNr debian/tetex-bin-2.0.2/libs/xpdf new/tetex-
bin-2.0.2/libs/xpdf
szczepan@cygnus:~$ head -1 debian/tetex-bin-2.0.2/debian/changelog
tetex-bin (2.0.2-23) unstable; urgency=high
szczepan@cygnus:~$ head -1 new/tetex-bin-2.0.2/debian/changelog
tetex-bin (2.0.2-14.1) testing; urgency=medium
Wenn looking into the code I found out that there were done no changes
in the libs/xpdf code between 2.0.2-14.1 and 2.0.2-23 as mentioned in:
http://lists.debian.org/debian-tetex-maint/2004/11/msg00006.html
--
Torge Szczepanek <debian-security@szczepanek.de>
Reply to: