Michael S. Gilbert
2009-Aug-04 05:49 UTC
[Secure-testing-team] etch patch for CVE-2009-0146/147/0166/0799/0800/1179/1180/1181/1182/1183/1187
derived from ubuntu''s 0.5.1 patch, here is a patch set for etch''s 0.4.5. i am fairly certain all of these CVEs are addressed in this one. note vulnerable code not present in etch for CVE-2009-0755/1188. i also now see which are the specific patches for 0146/0147/0166, and they are indeed not applied in lenny (nor in the patches i created a couple days ago). i will maybe find time to work on that sometime later this week. please test; i''ve done some basic testing with existing pdfs on my system, but have by no means done extensive or robust testing. hopefully nothings been broken. good night, mike -------------- next part -------------- A non-text attachment was scrubbed... Name: 115_jbig2_security_update_etch.diff Type: text/x-diff Size: 33295 bytes Desc: not available URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20090804/95d8b3ea/attachment-0001.diff>