On Thu, Dec 07, 2006, Kees Cook wrote: > > I saw that you updated 0.4 and 0.6, but not 0.1; perhaps you do not > > ship evince 0.1 anymore, but if you do, do you know whether is it > > affected? > The earliest supported evince in Ubuntu is 0.4. As far as I can tell, > if ps/ps.c exists in the codebase, it's vulnerable. (Since that file > was embedded from a vulnerable version of gv.)
It was, same patch applied fine. > Thanks! Eh, thanks to you! Would it be in the form of a patch, I would hand you the fix for madwifi's CVE-2006-6332, but it's a new upstream release, and I think you're using linux-restricted-modules or something similar. Bye, -- Loïc Minier <[EMAIL PROTECTED]> "I have no strong feelings one way or the other." -- Neutral President
