[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: [SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Fwd: [SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution
From: chefren <chefren_(_at_)_pi_(_dot_)_net>
Date: Thu, 30 Dec 2004 18:02:21 +0100

I presume the OpenBSD xpdf package has no security problems because of ProPolice?

+++chefren

- --------------------------------------------------------------------------
Debian Security Advisory DSA 619-1                     security_(_at_)_debian_(_dot_)_org
http://www.debian.org/security/                             Martin Schulze
December 30th, 2004                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : xpdf
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-1125
Debian Bug     : 286742 286983

An iDEFENSE security researcher discovered a buffer overflow in xpdf,
the portable document format (PDF) suite.  A maliciously crafted PDF
file could exploit this problem, resulting in the execution of arbitrary
code.

For the stable distribution (woody) this problem has been fixed in
version 1.00-3.3.

For the unstable distribution (sid) this problem has been fixed in
version 3.00-11.

We recommend that you upgrade your xdpf package immediately.

[snip]

Prev by Date: Re: newsyslog errors
Next by Date: Re: Fwd: [SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution
Previous by thread: AMD64-MP oddities
Next by thread: Re: Fwd: [SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution
Index(es):
- Date
- Thread

Visit your host, monkey.org