[ubuntu/natty] evince 2.32.0-0ubuntu4 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Jan 5 14:30:43 UTC 2011
evince (2.32.0-0ubuntu4) natty; urgency=low
* SECURITY UPDATE: arbitrary code execution via multiple dvi backend
overflows
- debian/patches/03_CVE-2010-264x.patch: add bounds checking in
backend/dvi/mdvi-lib/{afmparse,dviread,pk,tfmfile,vf}.c.
- CVE-2010-2640
- CVE-2010-2641
- CVE-2010-2642
- CVE-2010-2643
Date: Mon, 03 Jan 2011 11:30:16 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/natty/+source/evince/2.32.0-0ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 03 Jan 2011 11:30:16 -0500
Source: evince
Binary: evince evince-dbg evince-gtk libevview-dev libevview3 libevdocument-dev libevdocument3 evince-common gir1.2-evince-2.32
Architecture: source
Version: 2.32.0-0ubuntu4
Distribution: natty
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
evince - Document (postscript, pdf) viewer
evince-common - Document (postscript, pdf) viewer - common files
evince-dbg - Document (postscript, pdf) viewer - debugging symbols
evince-gtk - Document (postscript, pdf) viewer (GTK+ version)
gir1.2-evince-2.32 - GObject introspection data for the libevince library
libevdocument-dev - GNOME document viewer backend library - development headers
libevdocument3 - GNOME document viewer backend library
libevview-dev - GNOME document viewer view library - development headers
libevview3 - GNOME document viewer view library
Changes:
evince (2.32.0-0ubuntu4) natty; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via multiple dvi backend
overflows
- debian/patches/03_CVE-2010-264x.patch: add bounds checking in
backend/dvi/mdvi-lib/{afmparse,dviread,pk,tfmfile,vf}.c.
- CVE-2010-2640
- CVE-2010-2641
- CVE-2010-2642
- CVE-2010-2643
Checksums-Sha1:
2188b500c0e704cce5ebccf1921cad2765a2cd44 2823 evince_2.32.0-0ubuntu4.dsc
c3cc16466597c82d414e28bba8833b77b8b8b4d6 29713 evince_2.32.0-0ubuntu4.debian.tar.gz
Checksums-Sha256:
3085d34016171faa7621d230a933c2a0b244ba7092d2df61cf5dd33f823f4c08 2823 evince_2.32.0-0ubuntu4.dsc
6efa98b558e400093a12a243892d80816874d4c7bcb00c9783586bb1dfbf2168 29713 evince_2.32.0-0ubuntu4.debian.tar.gz
Files:
b8c8e80b47919baf0cd731db9c1556d5 2823 gnome optional evince_2.32.0-0ubuntu4.dsc
9f1537f8905934848b28f10b1a0714fc 29713 gnome optional evince_2.32.0-0ubuntu4.debian.tar.gz
Original-Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCgAGBQJNJH7UAAoJEGVp2FWnRL6TEeoP/R9pwDYGNI/fdaXUkN2EpV1r
Lij6RglC/f7I736dDx7FwPAYVV0OVsetv2U+dPi4rBBVcjeBvnea+ZYCl4/aGPMf
YtHLCTgkq3j5ELbO/5fteh0WDhINmUy/YnziiSMMk+lROHCS7t9f75BhKu2eYuL5
mhGrfZqwF4tmb+9zFQAdQpiENeQI/VerQnfwRgKhW+X8aArkzJt+nJ4rNVJ3eLgH
SgB+DdDDOg0Mbt9WvAykJMIcDlWUZxC52xyC8hzuHN8sKP/xQ2bhdv3sInKbvFy7
uQFDdelJJHfRiVAFN2z4lFogafKfWw1zCsLeXCrE2eE6F8ZiyqJ0AXyzJnPZrikh
bYd+PEq2tS1rKyZfrEhnIuF/VUU5Iy83sUwgreyMFylpTqwcoo906eTtKAgCAQl+
ilt1HinKFyvV6+5OsaY+ElIiL0YOpkZFXYKzFDDHMCtPGYX5MBjWUtikXATtdTMr
mPHGNJRDwHURAFdYsR2jziPj5AP3wtdKGQ9ZgVDLIbO8WK2z3ZOX4IjGqZXMIwn6
pRHg151HJVrCUBHo5DuNnlXidhxyyAzmGvKxALXkvc/FJo5oI3SRN1bt6LQ2KMZ5
jkp6a2DwKTZ6h/1AbpMDcYP2w0xccH2xPFTyJ5Cf8sYeIk8MLndnMBBXB86uAOur
O86ESWljDRHrnXLvXcMt
=LV8Y
-----END PGP SIGNATURE-----
More information about the Natty-changes
mailing list