>>>>> Yaakov S writes:
> Yaakov S (Cygwin Ports) wrote:
>> Xpdf is vulnerable to integer overflows that may be exploited to
>> execute arbitrary code.
>> Solution: apply this patch to xpdf-3.01:
>>
http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/app-text/xpdf/files/xpdf-3.01-sec-rollup.patch
>> More information:
>> http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
> Now, in addition to the above, there's another heap overflow
> vulnerability. Isn't maintaining xpdf a lot of fun? :-)
I'll try packaging a new version this evening.
> Yaakov
Ciao
Volker
