Bug#300182: tetex-bin still vulnerable to CAN-2004-0888 (CAN-2005-0206)

To: Joey Hess <joeyh@debian.org>
Cc: 300182@bugs.debian.org, Hilmar Preusse <hille42@web.de>
Subject: Bug#300182: tetex-bin still vulnerable to CAN-2004-0888 (CAN-2005-0206)
From: Frank Küster <frank@debian.org>
Date: Sat, 19 Mar 2005 20:46:17 +0100
Message-id: <[🔎] 87br9fqv06.fsf@alhambra.kuesterei.ch>
Reply-to: Frank Küster <frank@debian.org>, 300182@bugs.debian.org
In-reply-to: <[🔎] 20050318221422.GA7006@kitenet.net> (Joey Hess's message of "Fri, 18 Mar 2005 17:14:22 -0500")
References: <[🔎] 20050318091619.GD2460@preusse> <[🔎] 20050318221422.GA7006@kitenet.net>

Joey Hess <joeyh@debian.org> schrieb:

> Hilmar Preusse wrote:
>> As recently discovered the patch, which fixed CAN-2004-0888, seems to
>> be broken on all 64bit platforms (tested only on ia64 though).[1]
>
> Note that CAN-2005-0206 has been assigned for this issue.
>
> BTW, since you were able to track this one down, do you have any info
> about the other packages (cupsys, xpdf, etc) that also has
> CAN-2004-0888? Do they also need fixes, and do you have a patch for
> them?

Did you read my analysis I sent to the bug address?  I think we are not
vulnerably, but I am not sure; I'd be glad if somebody else looked over
it and agreed with me...

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Reply to:

References:
- Bug#300182: tetex-bin still vulnerable to CAN-2004-0888 (CAN-2005-0206)
  - From: Hilmar Preusse <hille42@web.de>
- Bug#300182: tetex-bin still vulnerable to CAN-2004-0888 (CAN-2005-0206)
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Bug#300182: tetex-bin still vulnerable to CAN-2004-0888 (CAN-2005-0206)
Next by Date: Re: Bug#300142: tetex-bin: texdoctk fails with file not found
Previous by thread: Bug#300182: tetex-bin still vulnerable to CAN-2004-0888 (CAN-2005-0206)
Next by thread: Bug#300182: tetex-bin still vulnerable to CAN-2004-0888 (CAN-2005-0206)
Index(es):
- Date
- Thread