Accepted tetex-bin 3.0-10.1ubuntu2 (source)

Martin Pitt martin.pitt at ubuntu.com
Thu Dec 8 14:00:11 GMT 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu,  8 Dec 2005 14:43:56 +0100
Source: tetex-bin
Binary: tetex-bin libkpathsea4-dev libkpathsea4
Architecture: source
Version: 3.0-10.1ubuntu2
Distribution: dapper
Urgency: low
Maintainer: teTeX maintainers <debian-tetex-maint at lists.debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 libkpathsea4 - path search library for teTeX (runtime part)
 libkpathsea4-dev - path search library for teTeX (devel part)
 tetex-bin  - The teTeX binary files
Changes: 
 tetex-bin (3.0-10.1ubuntu2) dapper; urgency=low
 .
   * SECURITY UPDATE: Multiple integer/buffer overflows in embedded xpdf code.
   * Add debian/patches/patch-CVE-2005-3191+2+3.patch:
   * xpdf/Stream.cc, DCTStream::readBaselineSOF():
     - Check numComps for invalid values.
     - http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
     - CVE-2005-3191
   * xpdf/Stream.cc, DCTStream::DCTStream::readProgressiveSOF():
     - Check numComps for invalid values.
     - http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities
     - CVE-2005-3191
   * xpdf/Stream.cc, StreamPredictor::StreamPredictor():
     - Check rowBytes for invalid values.
     - http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
     - CVE-2005-3192
    * xpdf/JPXStream.cc, JPXStream::readCodestream():
      - Check img.nXTiles * img.nYTiles for integer overflow.
      - Check final gmalloc() for overflow.
      - http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
      - CVE-2005-3193
Files: 
 608fff71c34535d5d76934fd0cff53a6 983 tex optional tetex-bin_3.0-10.1ubuntu2.dsc
 0bb43657a5b2e123fa04d8c8ced16049 317359 tex optional tetex-bin_3.0-10.1ubuntu2.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDmDkwDecnbV4Fd/IRAj5XAJ9JlZ7xxTGmq7LJTDe2TUt/Gr464ACgsEut
Nnx7u0c3wV+JdX/8+c3xThM=
=9yQE
-----END PGP SIGNATURE-----


Accepted:
tetex-bin_3.0-10.1ubuntu2.diff.gz
  to pool/main/t/tetex-bin/tetex-bin_3.0-10.1ubuntu2.diff.gz
tetex-bin_3.0-10.1ubuntu2.dsc
  to pool/main/t/tetex-bin/tetex-bin_3.0-10.1ubuntu2.dsc

More information about the dapper-changes mailing list