Your message dated Fri, 22 Sep 2006 10:30:46 +0200 with message-id <20060922083046.GA3436@PC23> and subject line Bug#346086: tetex-bin: New integer overflows in xpdf copy [CVE-2005-3624, CVE-2005-3625, CVE-2005-3627] has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---
- To: Debian BTS Submit <submit@bugs.debian.org>
- Cc: security@debian.org
- Subject: tetex-bin: New integer overflows in xpdf copy [CVE-2005-3624, CVE-2005-3625, CVE-2005-3627]
- From: Martin Pitt <martin.pitt@ubuntu.com>
- Date: Thu, 5 Jan 2006 15:14:26 +0100
- Message-id: <20060105141426.GF5210@piware.de>
Package: tetex-bin Version: 2.0.2-30 Severity: critical Tags: security patch Hi! Chris Evans found some more integer overflows in the xpdf code [1] which affect tetex-bin as well. [1] also has demo exploit PDFs for patch checking. See [2] for the Ubuntu debdiff. This only affects sarge (and woody); luckily sid is finally cured forever due to poppler, so please mark this bug as fixed in sid. Thanks, Martin [1] http://scary.beasts.org/security/b0dfca810501f2da/CESA-2005-003.txt [2] http://patches.ubuntu.com/patches/tetex-bin.CVE-2005-3624_5_7.diff -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org In a world without walls and fences, who needs Windows and Gates?Attachment: signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
- To: Martin Pitt <martin.pitt@ubuntu.com>, 346086-done@bugs.debian.org
- Subject: Re: Bug#346086: tetex-bin: New integer overflows in xpdf copy [CVE-2005-3624, CVE-2005-3625, CVE-2005-3627]
- From: Hilmar Preusse <hille42@web.de>
- Date: Fri, 22 Sep 2006 10:30:46 +0200
- Message-id: <20060922083046.GA3436@PC23>
- In-reply-to: <20060105141426.GF5210@piware.de>
- References: <20060105141426.GF5210@piware.de>
On 05.01.06 Martin Pitt (martin.pitt@ubuntu.com) wrote: Hi, > Chris Evans found some more integer overflows in the xpdf code [1] > which affect tetex-bin as well. [1] also has demo exploit PDFs for > patch checking. > The bug actually only affects woody. The sec support for woody has experied recently^1 -> Closing. H. ^1 http://www.debian.org/News/2006/20060601 -- sigmentation fault
--- End Message ---