Bug#350785: xpdf: CVE-2006-0301 PDF splash handling heap overflow

Tue, 31 Jan 2006 12:33:11 -0800 

Package: xpdf-reader
Version: 3.01-5
Severity: grave
Tags: security patch
Justification: user security hole

Hi,

thanks for maintaining this package.

Just read about the security issue...

References:
CVE-2006-0301
http://www.frsirt.com/english/advisories/2006/0389
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046

Patch available:
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=123745

(I haven't tested, if the patch solves the issue though, but it looks
sane to me).

Cheers,
        Stefan.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-14-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages xpdf depends on:
ii  xpdf-common                   3.01-5     Portable Document Format (PDF) sui
ii  xpdf-reader                   3.01-5     Portable Document Format (PDF) sui
ii  xpdf-utils                    3.01-5     Portable Document Format (PDF) sui

xpdf recommends no packages.

Versions of packages xpdf-reader depends on:
ii  gsfonts               8.14+v8.11+urw-0.2 Fonts for the Ghostscript interpre
ii  lesstif2              1:0.94.4-1.1       OSF/Motif 2.1 implementation relea
ii  libc6                 2.3.5-12           GNU C Library: Shared libraries an
ii  libfreetype6          2.1.10-1           FreeType 2 font engine, shared lib
ii  libgcc1               1:4.0.2-7          GCC support library
ii  libice6               6.9.0.dfsg.1-4     Inter-Client Exchange library
ii  libpaper1             1.1.14-5           Library for handling paper charact
ii  libsm6                6.9.0.dfsg.1-4     X Window System Session Management
ii  libstdc++6            4.0.2-7            The GNU Standard C++ Library v3
ii  libt1-5               5.1.0-2            Type 1 font rasterizer library - r
ii  libx11-6              6.9.0.dfsg.1-4     X Window System protocol client li
ii  libxext6              6.9.0.dfsg.1-4     X Window System miscellaneous exte
ii  libxp6                6.9.0.dfsg.1-4     X Window System printing extension
ii  libxpm4               6.9.0.dfsg.1-4     X pixmap library
ii  libxt6                6.9.0.dfsg.1-4     X Toolkit Intrinsics
ii  xpdf-common           3.01-5             Portable Document Format (PDF) sui
ii  zlib1g                1:1.2.3-9          compression library - runtime

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to