Bug#382506: tetex-bin: DoS in embedded libgd2 copy [CVE-2006-2906]
Martin Pitt <firstname.lastname@example.org> wrote:
> Package: tetex-bin
> Version: 3.0-13
> Severity: normal
> Tags: patch security
> tetex-bin 3.0 contains a copy of libgd2 source code in libs/gd.
> [...] The best solution would be to build against
> the system libgd2 library instead of using a code copy.
This we already do since 3.0-17, and testing has 3.0-18 already. I
guess Ubuntu 6.5 (or whenever it was released) has 3.0-13, that's why
you came up with it?
Or do you think we should patch the unused code?
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX/TeXLive)