Accepted xpdf 3.00-9ubuntu2 (source)
Martin Pitt
mpitt at debian.org
Mon Nov 1 06:05:02 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 1 Nov 2004 12:00:47 +0100
Source: xpdf
Binary: xpdf-utils xpdf xpdf-reader xpdf-common
Architecture: source
Version: 3.00-9ubuntu2
Distribution: hoary
Urgency: low
Maintainer: Hamish Moffatt <hamish at debian.org>
Changed-By: Martin Pitt <mpitt at debian.org>
Description:
xpdf - Portable Document Format (PDF) suite
xpdf-common - Portable Document Format (PDF) suite -- common files
xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11
xpdf-utils - Portable Document Format (PDF) suite -- utilities
Changes:
xpdf (3.00-9ubuntu2) hoary; urgency=low
.
* SECURITY UPDATE: fix potential buffer overflow
* goo/gmem.[ch]: change declarations of gmalloc and grealloc to use size_t
instead of int; int truncated sizes to 32 bits, which made xpdf still
vulnerable to integer (and eventually buffer) overflow attacks on 64 bit
platforms like amd64.
* Thanks to Marcus Meissner <meissner at suse.de> for providing the patch
* References:
CAN-2004-0889 (incomplete fix in version 3.00-9)
Files:
771d55f0beb9de63b0493bad28e4c683 784 text optional xpdf_3.00-9ubuntu2.dsc
d82164aff44ef33d366d90b3bba88bcc 47371 text optional xpdf_3.00-9ubuntu2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBhiUGDecnbV4Fd/IRAg4cAKD7nmV2ACncL3xSX3t1CwWyWY8K1ACeIOti
uH2X0pCQaybjvg/5F0nDNi8=
=bjai
-----END PGP SIGNATURE-----
Accepted:
xpdf_3.00-9ubuntu2.diff.gz
to pool/main/x/xpdf/xpdf_3.00-9ubuntu2.diff.gz
xpdf_3.00-9ubuntu2.dsc
to pool/main/x/xpdf/xpdf_3.00-9ubuntu2.dsc
More information about the hoary-changes
mailing list