Bug#286984: CAN-2004-1125: Arbitrary code execution in tetex-bin
- To: Martin Schulze <joey@infodrom.org>
- Cc: 286984@bugs.debian.org
- Subject: Bug#286984: CAN-2004-1125: Arbitrary code execution in tetex-bin
- From: Hilmar Preusse <hille42@web.de>
- Date: Tue, 4 Jan 2005 10:20:48 +0100
- Message-id: <[🔎] 20050104092048.GB2521@preusse-16223.user.cis.dfn.de>
- Reply-to: Hilmar Preusse <hille42@web.de>, 286984@bugs.debian.org
- In-reply-to: <20041231121936.GW29581@finlandia.infodrom.north.de>
- References: <20041227222532.GA1986@finlandia.infodrom.north.de> <871xdaixmn.fsf@alhambra.bioz.unibas.ch> <20041229195233.GE21215@finlandia.infodrom.north.de> <873bxof61j.fsf@alhambra.bioz.unibas.ch> <20041230110931.GE29581@finlandia.infodrom.north.de> <20041231095404.GB6175@preusse-16223.user.cis.dfn.de> <20041231121936.GW29581@finlandia.infodrom.north.de>
On 31.12.04 Martin Schulze (joey@infodrom.org) wrote:
> Hilmar Preusse wrote:
Hi,
> > So why is the hunk then included in the patch for xpdf 1.0 (DSA
> > 619-1)? Why is it part of 3.00pl2 at all?
>
> Because it's the upstream fix and doesn't harm. Contrary to
> tetex-bin this is only a minor part of the correction for cups and
> xpdf. The real vulnerability does not exist in tetex-bin, so
> there's no update needed.
>
Would you be so kind to close that bug then?
Thanks and Regards,
Hilmar
--
sigmentation fault
Reply to: