Sorry for the strange CVS commit messages (was: Bug#288182: marked as done (tetex-bin postinst fails when calling fmtutil))
owner@bugs.debian.org (Debian Bug Tracking System) schrieb:
> tetex-bin (2.0.2-26) unstable; urgency=high
> .
> * SECURITY UPDATE: Added a patch to fix one more buffer overflow in xpdf
> code (CAN-2005-0064). The patch was provided by a Red Hat engineer;
> thanks to Joey for informing me very fast.
The vulnerability fixed with this was not yet public (it was actually
published yesterday, Tuesday, evening), and I didn't want to blow "xpdf
security" over the net. Therefore the rather undescriptive CVS commits
"a patch for xpdf"...
Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
Reply to: