found 322467 3.0-5 thanks Hilmar Preusse <[EMAIL PROTECTED]> wrote:
> Package: tetex-bin > Version: 2.0.2-31 > Severity: grave > Tags: patch > Justification: can result in disk consumption and ultimately lead to a denial > of service condition. > > Just a reminder, > > http://www.securityfocus.com/bid/14529/info > > Ubuntu^1 already fixed the xpdf packages. I guess we're affected too, > as pdftex processes pdf files using the code from xpdf. I did not > file a bug against xpdf yet. I'm attaching a patch taken from > ftp://ftp.kde.org/pub/kde/security_patches/ and the sig. According to > Martin Pitt the original patch was posted to vendor-sec but I'm not > subscribed to it. tetex-bin_2.0.2 in sarge, etch, sid, as well as tetex-bin_1.0.7... in oldstable do not have the files the patch changes. Moreover, the strings "loca table" or "codetogid" do not appear in tetex-bin-{1.0.7...,2.0.2}/libs/, checked with a case-insensitive grep. However, "truetype" appears lots of times. Therefore it probably needs a careful inspection of the code to check whether these are indeed vulnerable. It would be best if someone with a decent understanding of C++ would do that, not me. tetex-bin_3.0 in experimental is vulnerable. Regards, Frank -- Frank Küster Inst. f. Biochemie der Univ. Zürich Debian Developer