Hi Joey!
Martin Schulze [2006-01-11 20:50 +0100]:
> I'm attaching the current patch against the version in sarge. Please
> let me know which version in sid fixes these problems.
BTW, in order to keep a record of these duplicates, I recently created
http://wiki.debian.org/EmbeddedCodeCopies
M
Martin Schulze <[EMAIL PROTECTED]> wrote:
> Frank Küster wrote:
>> I'm currently preparing an upload of tetex-bin linked against libpoppler.
>
> I'm attaching the current patch against the version in sarge. Please
> let me know which version in sid fixes these problems.
None: Since the version i
Frank Küster wrote:
> I'm currently preparing an upload of tetex-bin linked against libpoppler.
I'm attaching the current patch against the version in sarge. Please
let me know which version in sid fixes these problems.
The corresponding CVE names are:
CVE IDs: CAN-2005-3191 CAN-2005-31
Martin Schulze <[EMAIL PROTECTED]> wrote:
>> Am I correct that the other issues that Florian found are not addressed
>> by any patch yet, and have not yet been widely published? Should I
>> delay an upload to sid until this can be fixed, too?
>
> Which issues? *phear*
Florian said that the new
Hi Frank!
Frank Küster wrote:
> I looked at both, and it seems that Martin's does more. I'm speaking of
> the patch attached to
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342292;msg=136
>
> It introduces limits.h and does the same we did for the xpdf patches at
> the beginning of the ye
Martin Pitt <[EMAIL PROTECTED]> wrote:
> Frank Küster [2005-12-11 13:27 +0100]:
>
>> Am I correct that the other issues that Florian found are not addressed
>> by any patch yet, and have not yet been widely published? Should I
>> delay an upload to sid until this can be fixed, too?
>
> Hm, I'm no
Hi!
Frank Küster [2005-12-11 13:27 +0100]:
> >> Did you see Martin Pitt's "enhanced" patch - do both address the same
> >> problems?
> >
> > The appendix removes the douplette Martin found, so yes.
>
> I looked at both, and it seems that Martin's does more. I'm speaking of
> the patch attached t
Martin Schulze <[EMAIL PROTECTED]> wrote:
> Frank Küster wrote:
>> Hi Joey,
>>
>> Martin Schulze <[EMAIL PROTECTED]> wrote:
>>
>> > The original patch was not sufficient. I'm attaching the entire and the
>> > incremental patch. Please apply the incremental patch to the version in
>> > sid as w
Frank Küster wrote:
> Hi Joey,
>
> Martin Schulze <[EMAIL PROTECTED]> wrote:
>
> > The original patch was not sufficient. I'm attaching the entire and the
> > incremental patch. Please apply the incremental patch to the version in
> > sid as well.
>
> Did you see Martin Pitt's "enhanced" patch
Hi Joey,
Martin Schulze <[EMAIL PROTECTED]> wrote:
> The original patch was not sufficient. I'm attaching the entire and the
> incremental patch. Please apply the incremental patch to the version in
> sid as well.
Did you see Martin Pitt's "enhanced" patch - do both address the same
problems?
Frank Küster wrote:
> The upstream patch applies cleanly to xpdf/Stream.{cc,h} in sarge, but
> JPXStream.cc does not exist. But the functions might still be defined
> elsewhere.
>
> The patch does not apply cleanly, except for Stream.h, in woody, but at
> least one affected line in Stream.cc *doe
found 342292 2.0.2-30
found 342292 2.0.2-31
found 342292 1.0.7+20011202-7.3
thanks
The upstream patch applies cleanly to xpdf/Stream.{cc,h} in sarge, but
JPXStream.cc does not exist. But the functions might still be defined
elsewhere.
The patch does not apply cleanly, except for Stream.h, in woo
Dear security team,
Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote:
> Package: tetex-bin
> Version: 3.0-10.1
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Multiple exploitable security problems have been found in xpdf, which are
> all present in tetex-bin's embedded xpd
Package: tetex-bin
Version: 3.0-10.1
Severity: grave
Tags: security
Justification: user security hole
Multiple exploitable security problems have been found in xpdf, which are
all present in tetex-bin's embedded xpdf copy as well:
Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerabilit
14 matches
Mail list logo
