Hi Martin, Hilmar Preusse <[EMAIL PROTECTED]> wrote:
> On 18.03.05 Joey Hess ([EMAIL PROTECTED]) wrote: >> Hilmar Preusse wrote: > > Hi, > >> > As recently discovered the patch, which fixed CAN-2004-0888, >> > seems to be broken on all 64bit platforms (tested only on ia64 >> > though).[1] >> >> Note that CAN-2005-0206 has been assigned for this issue. >> >> BTW, since you were able to track this one down, do you have any >> info about the other packages (cupsys, xpdf, etc) that also has >> CAN-2004-0888? Do they also need fixes, and do you have a patch for >> them? >> > Martin Pitt <martin <at> piware.de> told me, that tetex-bin is not > vulnerable as the file debian/patches/patch-CAN-2004-0888 continas > not the original patch form the xpdf developer, but already a fixed > version of the patch. Martin, good to hear that. Did you also read the other messages in this thread, namely Hamish's confusion about CAN-2004-0888 vs. CAN-2004-0889? And, by the way, why didn't you answer to the bug, or the security list(s)? Regards, Frank -- Frank Küster Inst. f. Biochemie der Univ. Zürich Debian Developer