Re: [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code
From: Nico Golde <debian-security+ml@ngolde.de>
Date: Wed, 9 Jul 2008 21:50:25 +0200
Message-id: <20080709195025.GD19377@ngolde.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <48750BAF.70708@gmail.com>
References: <20080709174637.GA11219@steve.org.uk> <48750BAF.70708@gmail.com>

Hi Eugene,
* Eugene V. Lyubimkin <jackyf.devel@gmail.com> [2008-07-09 21:44]:
> Steve Kemp wrote:
> > For the unstable distribution (sid), this problem has been fixed in
> > version 0.8.0-1.
> Unstable has now version 0.8.4, how it can be?
> 
> (please CC me in replies)

See the changelog of poppler in unstable:
http://packages.debian.org/changelogs/pool/main/p/poppler/poppler_0.8.4-1/changelog

The version in unstable was fixed quite some time ago.

Maybe we should add this to the Debian security FAQ as this 
question pops up every now and then?

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: pgp_4GHgfh7TB.pgp
Description: PGP signature

Reply to:

References:
- Re: [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code
  - From: "Eugene V. Lyubimkin" <jackyf.devel@gmail.com>

Prev by Date: Re: [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code
Next by Date: Re: [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
Previous by thread: Re: [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code
Next by thread: Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning
Index(es):
- Date
- Thread