On Thu, Dec 07, 2006, Kees Cook wrote:
> > I saw that you updated 0.4 and 0.6, but not 0.1; perhaps you do not
> > ship evince 0.1 anymore, but if you do, do you know whether is it
> > affected?
> The earliest supported evince in Ubuntu is 0.4. As far as I can tell,
> if ps/ps.c exists in the
On Thu, Dec 07, 2006 at 10:12:14PM +0100, Loïc Minier wrote:
> Thanks for the bug and the patch! I had flagged the Ubuntu security
> notice, but didn't have time to upload it yet.
Okay, great. I wanted to make sure all the upstreams had the bug
recorded, just in case. :) The Gnome report is
On Thu, Dec 07, 2006, Kees Cook wrote:
> This is the same vulnerability as reported against gv as bug 398292,
> since evince has old gv code embedded (I've updated the wiki to reflect
> this: http://wiki.debian.org/EmbeddedCodeCopies)
Thanks for the bug and the patch! I had flagged the Ubuntu
Package: evince
Version: 0.4.0-2
Severity: critical
Tags: security, patch
This is the same vulnerability as reported against gv as bug 398292,
since evince has old gv code embedded (I've updated the wiki to reflect
this: http://wiki.debian.org/EmbeddedCodeCopies)
Patch attached (applies to both
4 matches
Mail list logo
