tag 342288 patch thanks Hi!
We found more flaws in upstream's xpdf patch, it checked multiplication overflows *after* the overflow occured, which is not valid. The current patch http://patches.ubuntu.com/patches/poppler.CVE-2005-3191_2_3.diff checks multiplication overflows properly and also adds the two missing numComps checks that are missing in xpdf upstream's patch. Thanks, Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org In a world without walls and fences, who needs Windows and Gates?
signature.asc
Description: Digital signature
