Hi, I intent to upload an NMU to fix this bug. debdiff attached and archived on: http://people.debian.org/~nion/nmu-diff/poppler-0.8.4-1_0.8.4-1.1.patch
Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
diff -u poppler-0.8.4/debian/changelog poppler-0.8.4/debian/changelog --- poppler-0.8.4/debian/changelog +++ poppler-0.8.4/debian/changelog @@ -1,3 +1,13 @@ +poppler (0.8.4-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix missing pageWidgets object initialization that could lead to arbitrary + code execution by a crafted PDF file when the Page destructor deletes + the object which has not been initialized before + (CVE-2008-2950.patch; Closes: #489756). + + -- Nico Golde <[EMAIL PROTECTED]> Wed, 09 Jul 2008 00:09:10 +0200 + poppler (0.8.4-1) unstable; urgency=low * New upstream release; no API change. only in patch2: unchanged: --- poppler-0.8.4.orig/debian/patches/CVE-2008-2950.patch +++ poppler-0.8.4/debian/patches/CVE-2008-2950.patch @@ -0,0 +1,11 @@ +diff -Nurad poppler-0.8.4.orig/poppler/Page.cc poppler-0.8.4/poppler/Page.cc +--- poppler-0.8.4.orig/poppler/Page.cc 2008-07-09 00:20:47.000000000 +0200 ++++ poppler-0.8.4/poppler/Page.cc 2008-07-09 00:21:14.000000000 +0200 +@@ -232,6 +232,7 @@ + Object tmp; + + ok = gTrue; ++ pageWidgets = NULL; //Security fix + xref = xrefA; + num = numA; + duration = -1;
pgpzCFzFLrlbs.pgp
Description: PGP signature
