thr3ads.net - pkg kde talk - [Pkg-kde-talk] another vulnerability, this time in kdegraphics/kpdf :( [Dec 2004]

If this information is useful, please help other people find it:
Share via:

Adeodato Simó

2004-Dec-23 07:23 UTC

[Pkg-kde-talk] another vulnerability, this time in kdegraphics/kpdf :(

See #286742. There has been no talk about this in the kde-packager
  list, but there will be surely be an advisory since there has already
  been a commit:

    kdegraphics/kpdf/xpdf/Gfx.cc - Revision 1.4.4.2
    Wed Dec 22 12:05:50 2004 UTC (18 hours, 56 minutes ago) by mueller=20
    Branch: KDE_3_3_BRANCH=20

    fix xpdf buffer overflow

   
(http://webcvs.kde.org/kdegraphics/kpdf/xpdf/Gfx.cc?rev=3D1.7&view=3Dlog)

  and:

    kdegraphics/kpdf/xpdf/GfxState.cc - Revision 1.3.4.2
    Wed Dec 22 12:05:50 2004 UTC (19 hours, 2 minutes ago) by mueller
    Branch: KDE_3_3_BRANCH

    fix xpdf buffer overflow

                                 * * *

  While I was writing this mail, the Advisory arrived:

    http://www.kde.org/info/security/advisory-20041223-1.txt

--=20
Adeodato Sim=F3
    EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
    Listening to: Martirio - De homenaje
=20
=46rom the moment I picked your book up until I put it down I was
convulsed with laughter. Some day I intend reading it.
                -- Groucho Marx

Adeodato Simó

2004-Dec-23 08:17 UTC

head link

[Pkg-kde-talk] another vulnerability, this time in kdegraphics/kpdf :(

* Adeodato Simó [Thu, 23 Dec 2004 08:23:11 +0100]:>     kdegraphics/kpdf/xpdf/Gfx.cc - Revision 1.4.4.2
>     kdegraphics/kpdf/xpdf/GfxState.cc - Revision 1.3.4.2
  r366 in svn fixes the issue for experimental, I''m asking frob for an
  upload.

  as for unstable, I asked calc if he could do it, but he said he
hasn''t
  a Debian chroot atm so he can''t. As I believe that Riku is already
  gone and with uncertain connectivity, I''ve prepared the sid upload
too
  and will ask frob if he could do that one too.

  cheers,

-- 
Adeodato Simó
    EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
In my opinion, the most fruitful and natural play of the mind is in
conversation. I find it sweeter than any other action in life; and if I
were forced to choose, I think I would rather lose my sight than my
hearing and voice.
                -- Michel de Montaigne

Christopher Martin

2004-Dec-23 13:55 UTC

head link

[Pkg-kde-talk] another vulnerability, this time in kdegraphics/kpdf :(

Quoting Adeodato Sim=F3 <asp16@alu.ua.es>:>   r366 in svn fixes the issue for experimental, I''m asking frob
for
>   an upload.
>=20
>   as for unstable, I asked calc if he could do it, but he said he
hasn''t
>   a Debian chroot atm so he can''t. As I believe that Riku is
already
>   gone and with uncertain connectivity, I''ve prepared the sid
upload
>   too and will ask frob if he could do that one too.
Ok, thanks for taking care of this.

Chris

pkg kde talk - Dec 2004 - another vulnerability, this time in kdegraphics/kpdf :(

[Pkg-kde-talk] another vulnerability, this time in kdegraphics/kpdf :(

[Pkg-kde-talk] another vulnerability, this time in kdegraphics/kpdf :(

[Pkg-kde-talk] another vulnerability, this time in kdegraphics/kpdf :(