[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#346086: tetex-bin: New integer overflows in xpdf copy [CVE-2005-3624, CVE-2005-3625, CVE-2005-3627]



notfound 346086 2.0.2-30sarge4
found 346086 1.0.7+20011202-7.7
stop

On 26.01.06 Martin Pitt (mpitt@debian.org) wrote:
> Hilmar Preusse [2006-01-23 18:30 +0100]:

Hi all,

> > On the DSA page Joey states, that the problem is solved for
> > oldstable too. The .orig.tar.gz contains a patched Stream.cc,
> > which got the same modifications as your patch contain, except
> > the last hunk. I'm attaching it. Could you evluate if the hunk is
> > necessary.
> > If not I guess we're done here and can close #346086.
> 
> This is precisely the fix that is required to avoid endless loops
> with prematurely ending PDF files (CVE-2005-3625). So it is not
> exploitable to execute any code or something, but it's still a
> nasty DoS, particularly in Cups. So I would prefer to apply it,
> especially since it's such an easy and straightforward change.
> 
So, what is that now?

- a security leak, which must be fixed
- rather an inconvenience, which should be fixed?

Does that bug deserve still the severity critical? If not I propose
to lower the severity to important, keep that bug open until the
support for oldstable has ended and close the bug then. For now I
mark that bug as not found in 2.0.2-30sarge4 and found in
1.0.7+20011202-7.7 .

Regards,
  Hilmar
-- 
sigmentation fault

Attachment: pgpGhImxknaiB.pgp
Description: PGP signature


Reply to: