Joey Hess wrote:
> xpdf is vulnerable to a buffer overflow that can be exploited by
> malicious pdfs to execute arbitrary code. The hole is described here:
> http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities&flashstatus=false
>
> I've attached a patch that adds bounds checking to close the hole.
For the unstable distribution (sid) this problem has been fixed in
version 3.00-12.
It's in Incoming already.
Just FYI.
Regards,
Joey
--
Ten years and still binary compatible. -- XFree86
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
