Adrian Bunk <bunk@stusta.de> wrote: > Package: tetex-bin > Version: 2.0.2-22 > Severity: grave > Tags: security > > > pdftohtml might be affected by CAN-2004-0889 this should read tetex-bin instead of pdftohtml, which has a different bug. > (integer overflow issues in xpdf). > > The code is there, but I haven't checked how it's actually used. The xpdf code is used by pdftex. I have not verified that the actual pieces of code are used, but I think so. I have prepared patches against 1.0.7+20011202-7.1 (woody) and 2.0.2-22 (sarge/sid). I took the changes to Catalog.cxx and XReF.cxx from cupsys_1.1.14-5woody10.diff.gz[1] and prepared patched files by hand because the filenames have changed. For 2.0.2 the cupsys patch would have applied cleanly without fuzziness (didn't check for line offsets). For 1.0.7, only three of the four hunks in XReF.cxx had their counterpart in XReF.cc (with only small differences). I do not claim any understanding of the problem or the changes. My knowledge of C/C++ is neglegible. There are some other minor fixes in our CVS that are pending upload and do not have any relation to the security fix (only documentation fixes, changes in the packaging and a translation). It would be nice if we could coordinate the fix for sid, so that the pending changes have a chance to get into sarge soon (without waiting until the security fix has made the transition) Regards, Frank [1] why hasn't there been a security fix for xpdf in woody? It seems to have exactly the same problems. -- Frank Küster Inst. f. Biochemie der Univ. Zürich Debian Developer
Attachment:
pgpK691WCpY8e.pgp
Description: PGP signature