Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

To: Martin Pitt <martin.pitt@canonical.com>
Cc: Martin Schulze <joey@infodrom.org>, 342292@bugs.debian.org, Debian Security Team <team@security.debian.org>, Florian Weimer <fw@deneb.enyo.de>
Subject: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
From: Frank Küster <frank@kuesterei.ch>
Date: Mon, 12 Dec 2005 09:01:15 +0100
Message-id: <[🔎] 86y82qkalw.fsf@alhambra.kuesterei.ch>
Reply-to: Frank Küster <frank@kuesterei.ch>, 342292@bugs.debian.org
In-reply-to: <[🔎] 20051212064631.GE12959@box79162.elkhouse.de> (Martin Pitt's message of "Mon, 12 Dec 2005 07:46:31 +0100")
References: <[🔎] 20051206221518.7625.85542.reportbug@localhost.localdomain> <[🔎] 86lkyx8127.fsf@alhambra.kuesterei.ch> <[🔎] 20051209144703.GA21830@finlandia.infodrom.north.de> <[🔎] 86r78mjh4g.fsf@alhambra.kuesterei.ch> <[🔎] 20051209204508.GZ16502@finlandia.infodrom.north.de> <[🔎] 86irtvkedi.fsf@alhambra.kuesterei.ch> <[🔎] 20051212064631.GE12959@box79162.elkhouse.de>

Martin Pitt <martin.pitt@canonical.com> wrote:

> Frank Küster [2005-12-11 13:27 +0100]:
>
>> Am I correct that the other issues that Florian found are not addressed
>> by any patch yet, and have not yet been widely published?  Should I
>> delay an upload to sid until this can be fixed, too?
>
> Hm, I'm not aware of any additional issues. Florian raised and
> explained why 'p = f1*f2; if (p/f1 != f2)' is flawed, so I updated the
> patch to not use it any more. Are there any additional issues I
> missed?

He said that the function gmallocn is flawed; but you're right, this
does not affect tetex-bin (yet), only xpdf.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Reply to:

References:
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Frank Küster <frank@debian.org>
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Martin Schulze <joey@infodrom.org>
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Frank Küster <frank@debian.org>
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Martin Schulze <joey@infodrom.org>
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Frank Küster <frank@debian.org>
- Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
  - From: Martin Pitt <martin.pitt@canonical.com>

Prev by Date: Re: configuration files in TeX add-on packages
Next by Date: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Previous by thread: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Next by thread: Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy
Index(es):
- Date
- Thread