reopen 291244
tags 291244 patch
thanks
Hi,
the security fix for CAN-2005-0064 was taken from xpdf, which didn't fix
the issue completely. Attached you can find a patch that provides the
complete solution as provided in xpdf 3.00-13 (relative to the current
NMUed fix).
Cheers,
Moritz
diff -Naur gpdf-2.8.2.orig/xpdf/XRef.cc gpdf-2.8.2/xpdf/XRef.cc
--- gpdf-2.8.2.orig/xpdf/XRef.cc 2004-11-05 19:43:19.000000000 +0100
+++ gpdf-2.8.2/xpdf/XRef.cc 2005-04-04 21:32:58.000000000 +0200
@@ -819,6 +819,9 @@
} else {
keyLength = 5;
}
+ if (keyLength > 16) {
+ keyLength = 16;
+ }
permFlags = permissions.getInt();
if (encVersion >= 1 && encVersion <= 2 &&
encRevision >= 2 && encRevision <= 3) {
