Hi

Attached, you will find a patch to fix this integer overflow.
If you do not have the time to deal with it atm, please give me permission to 
upload this NMU.
Thanks for your efforts.

Cheers
Steffen
diff -u poppler-0.5.4/debian/changelog poppler-0.5.4/debian/changelog
--- poppler-0.5.4/debian/changelog
+++ poppler-0.5.4/debian/changelog
@@ -1,3 +1,12 @@
+poppler (0.5.4-6.1) unstable; urgency=high
+
+  * Non-maintainer upload
+  * Include upstream patch to fix integer overflow in the
+    StreamPredictor::StreamPredictor function
+    (Closes: #435460) Fixes: CVE-2007-3387
+
+ -- Steffen Joeris <[EMAIL PROTECTED]>  Sun, 05 Aug 2007 11:08:24 +0000
+
 poppler (0.5.4-6) unstable; urgency=low
 
   * Conflict with old library names from experimental.  (Closes: #426023)
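
Review bot: The new 0.5.4-6.1 entry names the function, the bug number and the CVE, but not the file this upload adds. A line such as "debian/patches/CVE-2007-3387.patch: new, from upstream, touches poppler/Stream.cc" would let a reader of the changelog find the change without opening the debdiff. The bug closure and the CVE reference also share one line here, "(Closes: #435460) Fixes: CVE-2007-3387". Putting the CVE id in the description sentence itself would keep it readable if the Closes tag is ever reflowed.
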
only in patch2:
unchanged:
--- poppler-0.5.4.orig/debian/patches/CVE-2007-3387.patch
+++ poppler-0.5.4/debian/patches/CVE-2007-3387.patch
@@ -0,0 +1,15 @@
+--- Stream.cc.orig	2007-08-05 11:05:42.000000000 +0000
++++ poppler-0.5.4/poppler/Stream.cc	2007-08-05 11:07:12.000000000 +0000
+@@ -423,9 +423,9 @@
+ 
+   nVals = width * nComps;
+   if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+-      nComps >= INT_MAX/nBits ||
+-      width >= INT_MAX/nComps/nBits ||
+-      nVals * nBits + 7 < 0) {
++      nComps > gfxColorMaxComps || nBits > 16 ||
++      width >= INT_MAX / nComps ||
++      nVals >= (INT_MAX - 7) / nBits) {
+     return;
+   }
+   totalBits = nVals * nBits;
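
Review bot: In the embedded Stream.cc hunk, the context line nVals = width * nComps; still runs before the new width >= INT_MAX / nComps test, so the multiplication is evaluated on unchecked input and only rejected afterwards. If these are plain ints, as the INT_MAX bounds suggest, that product can already overflow before the guard is reached. The short-circuit order does keep the later nVals >= (INT_MAX - 7) / nBits comparison from running on a bad value, but it would be cleaner to move the assignment below the if block so that nVals is only computed once width and nComps are known to be in range. Separately, the --- Stream.cc.orig and +++ poppler-0.5.4/poppler/Stream.cc headers have different path depths, so the strip level needed to apply this file from debian/patches is not obvious. Regenerating it with matching prefixes would avoid that.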
