thr3ads.net - Secure testing team - [Secure-testing-team] Bug#551676: xpdf: Security patch Xpdf 3.02pl4 released 2009-oct-14 [Oct 2009]

If this information is useful, please help other people find it:
Share via:

Paul Szabo

2009-Oct-19 20:54 UTC

[Secure-testing-team] Bug#551676: xpdf: Security patch Xpdf 3.02pl4 released 2009-oct-14

Package: xpdf-reader
Version: 3.02-1.4+lenny1
Severity: grave
Tags: security
Justification: user security hole

Seems to me that Debian needs to update xpdf to 3.02pl4
as released 14 Oct 2009. See also:

Xpdf - Integer overflow which causes heap overflow and NULL pointer derefernce.
http://www.securityfocus.com/archive/1/507261

Thanks,

Paul Szabo   psz at maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 5.0.3
  APT prefers stable
  APT policy: (500, ''stable'')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-pk03.12-svr (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages xpdf depends on:
ii  xpdf-common              3.02-1.4+lenny1 Portable Document Format (PDF) sui
ii  xpdf-reader              3.02-1.4+lenny1 Portable Document Format (PDF) sui
ii  xpdf-utils               3.02-1.4+lenny1 Portable Document Format (PDF) sui

xpdf recommends no packages.

xpdf suggests no packages.

Versions of packages xpdf-reader depends on:
ii  gsfonts       1:8.11+urwcyr1.0.7~pre44-3 Fonts for the Ghostscript interpre
ii  lesstif2      1:0.95.0-2.1               OSF/Motif 2.1 implementation relea
ii  libc6         2.7-18                     GNU C Library: Shared libraries
ii  libfreetype6  2.3.7-2+lenny1             FreeType 2 font engine, shared lib
ii  libgcc1       1:4.3.2-1.1                GCC support library
ii  libice6       2:1.0.4-1                  X11 Inter-Client Exchange library
ii  libpaper1     1.1.23+nmu1                library for handling paper charact
ii  libsm6        2:1.0.3-2                  X11 Session Management library
ii  libstdc++6    4.3.2-1.1                  The GNU Standard C++ Library v3
ii  libt1-5       5.1.2-3                    Type 1 font rasterizer library - r
ii  libx11-6      2:1.1.5-2                  X11 client-side library
ii  libxext6      2:1.0.4-1                  X11 miscellaneous extension librar
ii  libxp6        1:1.0.0.xsf1-2             X Printing Extension (Xprint) clie
ii  libxpm4       1:3.5.7-1                  X11 pixmap library
ii  libxt6        1:1.0.5-3                  X11 toolkit intrinsics library
ii  xpdf-common   3.02-1.4+lenny1            Portable Document Format (PDF) sui

-- no debconf information

Secure testing team - Oct 2009 - Bug#551676: xpdf: Security patch Xpdf 3.02pl4 released 2009-oct-14

[Secure-testing-team] Bug#551676: xpdf: Security patch Xpdf 3.02pl4 released 2009-oct-14