Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Martin Pitt]

Hi Joey!

Martin Schulze [2006-01-11 20:50 +0100]:
> I'm attaching the current patch against the version in sarge.  Please
> let me know which version in sid fixes these problems.

BTW, in order to keep a record of these duplicates, I recently created

  http://wiki.debian.org/EmbeddedCodeCopies

Martin
-- 
Martin Pitthttp://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?


signature.asc
Description: Digital signature

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Frank Küster]

Martin Schulze <[EMAIL PROTECTED]> wrote:

> Frank Küster wrote:
>> I'm currently preparing an upload of tetex-bin linked against libpoppler.
>
> I'm attaching the current patch against the version in sarge.  Please
> let me know which version in sid fixes these problems.

None: Since the version in sid links against libpoppler, no changes need
to be made to it.  We just need an up-to-date poppler - and according to
its changelog

poppler (0.4.3-2) unstable; urgency=high

  [ Martin Pitt ]
  * SECURITY UPDATE: Multiple integer/buffer overflows.
  * Add debian/patches/003-CVE-2005-3624_5_7.patch:
[...]
  * Add debian/patches/004-fix-CVE-2005-3192.patch:
[...]
poppler (0.4.3-1) unstable; urgency=high

  * New upstream release.
  * New maintainer (Closes: #344738)
  * CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.

it seems everything is okay there.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Martin Schulze]

Frank Küster wrote:
> I'm currently preparing an upload of tetex-bin linked against libpoppler.

I'm attaching the current patch against the version in sarge.  Please
let me know which version in sid fixes these problems.

The corresponding CVE names are:

CVE IDs: CAN-2005-3191 CAN-2005-3192 CVE-2005-3624 CVE-2005-3625
 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628


Regards,

Joey

-- 
Never trust an operating system you don't have source for!

Please always Cc to me when replying to me on the lists.
diff -u tetex-bin-2.0.2/debian/changelog tetex-bin-2.0.2/debian/changelog
--- tetex-bin-2.0.2/debian/changelog
+++ tetex-bin-2.0.2/debian/changelog
@@ -1,3 +1,35 @@
+tetex-bin (2.0.2-30sarge4) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team
+  * Added more precautionary checks by Dirk Müller [xpdf/Stream.cc,
+xpdf/JBIG2Stream.cc, debian/patches/patch-CVE-2005-3191]
+
+ -- Martin Schulze <[EMAIL PROTECTED]>  Thu, 15 Dec 2005 17:02:52 +0100
+
+tetex-bin (2.0.2-30sarge3) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team
+  * Added more precautionary checks by Martin Pitt
+
+ -- Martin Schulze <[EMAIL PROTECTED]>  Mon, 12 Dec 2005 08:32:05 +0100
+
+tetex-bin (2.0.2-30sarge2) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team
+  * Adjusted the former patch
+  * Applied missing bits found by Ludwig Nussel
+
+ -- Martin Schulze <[EMAIL PROTECTED]>  Fri,  9 Dec 2005 11:25:16 +0100
+
+tetex-bin (2.0.2-30sarge1) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team
+  * Partially applied patch from xpdf upstream to fix buffer overflows
+[libs/xpdf/xpdf/Stream.cc, libs/xpdf/xpdf/Stream.h, CAN-2005-3191,
+debian/patches/patch-CVE-2005-3191]
+
+ -- Martin Schulze <[EMAIL PROTECTED]>  Thu,  8 Dec 2005 10:19:45 +0100
+
 tetex-bin (2.0.2-30) unstable; urgency=low
 
   * Restore debian/watch and don't keep the recovered control file in
diff -u tetex-bin-2.0.2/debian/rules tetex-bin-2.0.2/debian/rules
--- tetex-bin-2.0.2/debian/rules
+++ tetex-bin-2.0.2/debian/rules
@@ -57,6 +57,8 @@
patch -p1 -Ni debian/patches/patch-CAN-2005-0064
patch -p1 -NRi debian/patches/patch-mandash || true
patch -p1 -Ni debian/patches/patch-mandash
+   patch -p1 -NRi debian/patches/patch-CVE-2005-3191 || true
+   patch -p1 -Ni debian/patches/patch-CVE-2005-3191
cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub ./texk/
cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub 
./utils/texinfo/
cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub ./config/
@@ -95,6 +97,7 @@
# Add here commands to clean up after the build process.
# Make sure all of our expected symlinks are in place
sh debian/restore-symlinks
+   patch -p1 -NRi debian/patches/patch-CVE-2005-3191 || true
patch -p1 -NRi debian/patches/patch-mandash || true
patch -p1 -NRi debian/patches/patch-CAN-2005-0064 || true
patch -p1 -NRi debian/patches/patch-CAN-2004-1125 || true
only in patch2:
unchanged:
--- tetex-bin-2.0.2.orig/debian/patches/patch-CVE-2005-3191
+++ tetex-bin-2.0.2/debian/patches/patch-CVE-2005-3191
@@ -0,0 +1,243 @@
+diff -u -p -Nr --exclude CVS 
tetex-bin-2.0.2.orig/libs/xpdf/xpdf/JBIG2Stream.cc 
tetex-bin-2.0.2/libs/xpdf/xpdf/JBIG2Stream.cc
+--- tetex-bin-2.0.2.orig/libs/xpdf/xpdf/JBIG2Stream.cc 2002-11-16 
16:02:19.0 +0100
 tetex-bin-2.0.2/libs/xpdf/xpdf/JBIG2Stream.cc  2005-12-15 
16:51:31.0 +0100
+@@ -13,6 +13,7 @@
+ #endif
+ 
+ #include 
++#include 
+ #include "GList.h"
+ #include "Error.h"
+ #include "JBIG2Stream.h"
+@@ -977,7 +978,14 @@ JBIG2Bitmap::JBIG2Bitmap(Guint segNumA, 
+   w = wA;
+   h = hA;
+   line = (wA + 7) >> 3;
+-  data = (Guchar *)gmalloc(h * line);
++
++  if (h < 0 || line <= 0 || h >= (INT_MAX-1) / line)
++data = NULL;
++  else {
++// need to allocate one extra guard byte for use in combine()
++data = (Guchar *)gmalloc(h * line + 1);
++data[h * line] = 0;
++  }
+ }
+ 
+ JBIG2Bitmap::JBIG2Bitmap(Guint segNumA, JBIG2Bitmap *bitmap):
+@@ -986,8 +994,15 @@ JBIG2Bitmap::JBIG2Bitmap(Guint segNumA, 
+   w = bitmap->w;
+   h = bitmap->h;
+   line = bitmap->line;
+-  data = (Guchar *)gmalloc(h * line);
++
++  if (h < 0 || line <= 0 || h >= (INT_MAX-1) / line) {
++data = NULL;
++return;
++  }
++
++  data = (Guchar *)gmalloc(h * line + 1);
+   memcpy(data, bitmap->data, h * line);
++  data[h * line] = 0;
+ }
+ 
+ JBIG2Bitmap::~JBIG2Bitmap() {
+@@ -1012,10 +1027,10 @@ JBIG2Bitmap *JBIG2Bitmap::getSlice(Guint
+ }
+ 
+ void JBIG2Bitmap::expand(int newH, Guint pixel) {
+-  if (newH <= h) {
++  if (newH <= h || line <= 0 || newH >= (INT_MAX-1) / line) {
+ return;
+   }
+-  data = (Guchar *)grealloc(data, newH * line);
++  data = (Guchar *)grealloc(data, newH * line + 1);
+   if (pixel) {
+ memset(data + h * line, 0xff, (newH -

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Frank Küster]

Martin Schulze <[EMAIL PROTECTED]> wrote:

>> Am I correct that the other issues that Florian found are not addressed
>> by any patch yet, and have not yet been widely published?  Should I
>> delay an upload to sid until this can be fixed, too?
>
> Which issues?  *phear*

Florian said that the new function gmallocn (used in xpdf >= 3.01 and
derivatives, but not in tetex-bin) isn't save, either.

I'm currently preparing an upload of tetex-bin linked against libpoppler.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Martin Schulze]

Hi Frank!

Frank Küster wrote:
> I looked at both, and it seems that Martin's does more.  I'm speaking of
> the patch attached to 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342292;msg=136
> 
> It introduces limits.h and does the same we did for the xpdf patches at
> the beginning of the year, namely change code that can be optimized away
> by compilers.  

*sigh* You are correct.  I'll add the missing bits as well.

> It seems to me that Martin Pitt's patch also has everything that yours
> (Joey's) has, but I'm not completely sure; anyway it seems that also the
> stable packages should use the code with limits.h.

Aye.

> Am I correct that the other issues that Florian found are not addressed
> by any patch yet, and have not yet been widely published?  Should I
> delay an upload to sid until this can be fixed, too?

Which issues?  *phear*

Regards,

Joey

-- 
If nothing changes, everything will remain the same.  -- Barne's Law

Please always Cc to me when replying to me on the lists.

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Frank Küster]

Martin Pitt <[EMAIL PROTECTED]> wrote:

> Frank Küster [2005-12-11 13:27 +0100]:
>
>> Am I correct that the other issues that Florian found are not addressed
>> by any patch yet, and have not yet been widely published?  Should I
>> delay an upload to sid until this can be fixed, too?
>
> Hm, I'm not aware of any additional issues. Florian raised and
> explained why 'p = f1*f2; if (p/f1 != f2)' is flawed, so I updated the
> patch to not use it any more. Are there any additional issues I
> missed?

He said that the function gmallocn is flawed; but you're right, this
does not affect tetex-bin (yet), only xpdf.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Martin Pitt]

Hi!

Frank Küster [2005-12-11 13:27 +0100]:
> >> Did you see Martin Pitt's "enhanced" patch - do both address the same
> >> problems?
> >
> > The appendix removes the douplette Martin found, so yes.
> 
> I looked at both, and it seems that Martin's does more.  I'm speaking of
> the patch attached to 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342292;msg=136
> 
> It introduces limits.h and does the same we did for the xpdf patches at
> the beginning of the year, namely change code that can be optimized away
> by compilers.  

... or cause an undefined integer overflow.

> It seems to me that Martin Pitt's patch also has everything that yours
> (Joey's) has

As far as I can see, yes.

> Am I correct that the other issues that Florian found are not addressed
> by any patch yet, and have not yet been widely published?  Should I
> delay an upload to sid until this can be fixed, too?

Hm, I'm not aware of any additional issues. Florian raised and
explained why 'p = f1*f2; if (p/f1 != f2)' is flawed, so I updated the
patch to not use it any more. Are there any additional issues I
missed?

Thanks,

Martin

-- 
Martin Pitt  http://www.piware.de
Ubuntu Developer   http://www.ubuntulinux.org
Debian Developerhttp://www.debian.org

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Frank Küster]

Martin Schulze <[EMAIL PROTECTED]> wrote:

> Frank Küster wrote:
>> Hi Joey,
>> 
>> Martin Schulze <[EMAIL PROTECTED]> wrote:
>> 
>> > The original patch was not sufficient.  I'm attaching the entire and the
>> > incremental patch.  Please apply the incremental patch to the version in
>> > sid as well.
>> 
>> Did you see Martin Pitt's "enhanced" patch - do both address the same
>> problems?
>
> The appendix removes the douplette Martin found, so yes.

I looked at both, and it seems that Martin's does more.  I'm speaking of
the patch attached to 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342292;msg=136

It introduces limits.h and does the same we did for the xpdf patches at
the beginning of the year, namely change code that can be optimized away
by compilers.  

It seems to me that Martin Pitt's patch also has everything that yours
(Joey's) has, but I'm not completely sure; anyway it seems that also the
stable packages should use the code with limits.h.

Am I correct that the other issues that Florian found are not addressed
by any patch yet, and have not yet been widely published?  Should I
delay an upload to sid until this can be fixed, too?

>> P.S. Did you see my mail to -release regarding the tetex-base upload to
>> stable/proposed-updates?
>
> No.  Could you forward it?

Sent in a separate mail.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Martin Schulze]

Frank Küster wrote:
> Hi Joey,
> 
> Martin Schulze <[EMAIL PROTECTED]> wrote:
> 
> > The original patch was not sufficient.  I'm attaching the entire and the
> > incremental patch.  Please apply the incremental patch to the version in
> > sid as well.
> 
> Did you see Martin Pitt's "enhanced" patch - do both address the same
> problems?

The appendix removes the douplette Martin found, so yes.

> P.S. Did you see my mail to -release regarding the tetex-base upload to
> stable/proposed-updates?

No.  Could you forward it?

Regards,

Joey

-- 
Have you ever noticed that "General Public Licence" contains the word "Pub"?

Please always Cc to me when replying to me on the lists.

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Frank Küster]

Hi Joey,

Martin Schulze <[EMAIL PROTECTED]> wrote:

> The original patch was not sufficient.  I'm attaching the entire and the
> incremental patch.  Please apply the incremental patch to the version in
> sid as well.

Did you see Martin Pitt's "enhanced" patch - do both address the same
problems?

TIA, Frank

P.S. Did you see my mail to -release regarding the tetex-base upload to
stable/proposed-updates?

-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Martin Schulze]

Frank Küster wrote:
> The upstream patch applies cleanly to xpdf/Stream.{cc,h} in sarge, but
> JPXStream.cc does not exist.  But the functions might still be defined
> elsewhere.
> 
> The patch does not apply cleanly, except for Stream.h, in woody, but at
> least one affected line in Stream.cc *does* exist.
> 
> As I said previously, I will not be able to work on this.

The original patch was not sufficient.  I'm attaching the entire and the
incremental patch.  Please apply the incremental patch to the version in
sid as well.

Regards,

Joey

-- 
Have you ever noticed that "General Public Licence" contains the word "Pub"?

Please always Cc to me when replying to me on the lists.
diff -u tetex-bin-2.0.2/debian/changelog tetex-bin-2.0.2/debian/changelog
--- tetex-bin-2.0.2/debian/changelog
+++ tetex-bin-2.0.2/debian/changelog
@@ -1,3 +1,20 @@
+tetex-bin (2.0.2-30sarge2) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team
+  * Adjusted the former patch
+  * Applied missing bits found by Ludwig Nussel
+
+ -- Martin Schulze <[EMAIL PROTECTED]>  Fri,  9 Dec 2005 11:25:16 +0100
+
+tetex-bin (2.0.2-30sarge1) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team
+  * Partially applied patch from xpdf upstream to fix buffer overflows
+[libs/xpdf/xpdf/Stream.cc, libs/xpdf/xpdf/Stream.h, CAN-2005-3191,
+debian/patches/patch-CVE-2005-3191]
+
+ -- Martin Schulze <[EMAIL PROTECTED]>  Thu,  8 Dec 2005 10:19:45 +0100
+
 tetex-bin (2.0.2-30) unstable; urgency=low
 
   * Restore debian/watch and don't keep the recovered control file in
diff -u tetex-bin-2.0.2/debian/rules tetex-bin-2.0.2/debian/rules
--- tetex-bin-2.0.2/debian/rules
+++ tetex-bin-2.0.2/debian/rules
@@ -57,6 +57,8 @@
patch -p1 -Ni debian/patches/patch-CAN-2005-0064
patch -p1 -NRi debian/patches/patch-mandash || true
patch -p1 -Ni debian/patches/patch-mandash
+   patch -p1 -NRi debian/patches/patch-CVE-2005-3191 || true
+   patch -p1 -Ni debian/patches/patch-CVE-2005-3191
cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub ./texk/
cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub 
./utils/texinfo/
cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub ./config/
@@ -95,6 +97,7 @@
# Add here commands to clean up after the build process.
# Make sure all of our expected symlinks are in place
sh debian/restore-symlinks
+   patch -p1 -NRi debian/patches/patch-CVE-2005-3191 || true
patch -p1 -NRi debian/patches/patch-mandash || true
patch -p1 -NRi debian/patches/patch-CAN-2005-0064 || true
patch -p1 -NRi debian/patches/patch-CAN-2004-1125 || true
only in patch2:
unchanged:
--- tetex-bin-2.0.2.orig/debian/patches/patch-CVE-2005-3191
+++ tetex-bin-2.0.2/debian/patches/patch-CVE-2005-3191
@@ -0,0 +1,113 @@
+--- tetex-bin-2.0.2.orig/libs/xpdf/xpdf/Stream.h
 tetex-bin-2.0.2/libs/xpdf/xpdf/Stream.h
+@@ -225,6 +225,8 @@
+ 
+   ~StreamPredictor();
+ 
++  GBool isOk() { return ok; }
++
+   int lookChar();
+   int getChar();
+ 
+@@ -242,6 +244,7 @@
+   int rowBytes;   // bytes per line
+   Guchar *predLine;   // line buffer
+   int predIdx;// current index in predLine
++  GBool ok;
+ };
+ 
+ //
+only in patch2:
+unchanged:
+--- tetex-bin-2.0.2.orig/libs/xpdf/xpdf/Stream.cc
 tetex-bin-2.0.2/libs/xpdf/xpdf/Stream.cc
+@@ -404,18 +404,33 @@ void ImageStream::skipLine() {
+ 
+ StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
+int widthA, int nCompsA, int nBitsA) {
++  int totalBits;
++
+   str = strA;
+   predictor = predictorA;
+   width = widthA;
+   nComps = nCompsA;
+   nBits = nBitsA;
++  predLine = NULL;
++  ok = gFalse;
+ 
+   nVals = width * nComps;
++  totalBits = nVals * nBits;
++  if (totalBits == 0 ||
++  (totalBits / nBits) / nComps != width ||
++  totalBits + 7 < 0) {
++return;
++  }
+   pixBytes = (nComps * nBits + 7) >> 3;
+-  rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
++  rowBytes = ((totalBits + 7) >> 3) + pixBytes;
++  if (rowBytes < 0) {
++return;
++  }
+   predLine = (Guchar *)gmalloc(rowBytes);
+   memset(predLine, 0, rowBytes);
+   predIdx = rowBytes;
++
++  ok = gTrue;
+ }
+ 
+ StreamPredictor::~StreamPredictor() {
+@@ -981,6 +996,10 @@ LZWStream::LZWStream(Stream *strA, int p
+ FilterStream(strA) {
+   if (predictor != 1) {
+ pred = new StreamPredictor(this, predictor, columns, colors, bits);
++if (!pred->isOk()) {
++  delete pred;
++  pred = NULL;
++}
+   } else {
+ pred = NULL;
+   }
+@@ -2860,6 +2879,10 @@ GBool DCTStream::readBaselineSOF() {
+   height = read16();
+   width = read16();
+   numComps = str->getChar();
++  if (numComps <= 0 || numComps > 4) {
++error(getPos(), "Bad number of components in DCT stream", prec);

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Frank Küster]

found 342292 2.0.2-30
found 342292 2.0.2-31
found 342292 1.0.7+20011202-7.3
thanks

The upstream patch applies cleanly to xpdf/Stream.{cc,h} in sarge, but
JPXStream.cc does not exist.  But the functions might still be defined
elsewhere.

The patch does not apply cleanly, except for Stream.h, in woody, but at
least one affected line in Stream.cc *does* exist.

As I said previously, I will not be able to work on this.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Frank Küster]

Dear security team,

Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote:

> Package: tetex-bin
> Version: 3.0-10.1
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Multiple exploitable security problems have been found in xpdf, which are
> all present in tetex-bin's embedded xpdf copy as well

A patch is provided by upstream, and I'll be able to upload a fixed
version to sid in the next 2 or three days.

However, since I'm currently busy with real-life issues, I will *NOT* be
able to backport the patch to the stable version of tetex-bin, nor work
on the numerous other packages that contain xpdf code and that I have
prepared patches for or NMU'ed previously in similar cases.

Note also that testing still has the same upstream version as stable,
and other issues prevent the new version to migrate from sid to testing
soon. 

Regards, Frank

P.S. Is anybody in contact with the xpdf upstream about providing a
dynamically shared library, or at least get clarification whether they
think distributions should try libpoppler instead?  If not, would the
security team allow me to quote them as "We would very much appreciate
if such a library existed, and would urge maintainers and upstream
developers to switch to using it"?
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Bug#342292: tetex-bin: Multiple exploitable heap overflows in embedded xpdf copy

[Moritz Muehlenhoff]

Package: tetex-bin
Version: 3.0-10.1
Severity: grave
Tags: security
Justification: user security hole

Multiple exploitable security problems have been found in xpdf, which are
all present in tetex-bin's embedded xpdf copy as well:

Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability
 http://www.idefense.com/application/poi/display?id=342

Multiple Vendor xpdf DCTStream Progressive Heap Overflow
 http://www.idefense.com/application/poi/display?id=343

Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability
 http://www.idefense.com/application/poi/display?id=344

Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability
 http://www.idefense.com/application/poi/display?id=345

Please reference CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193 when fixing
this.

Cheers,
Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages tetex-bin depends on:
ii  debconf [debconf-2.0]1.4.62  Debian configuration management sy
ii  debianutils  2.15.1  Miscellaneous utilities specific t
ii  dpkg 1.13.11.0.1 package maintenance system for Deb
ii  ed   0.2-20  The classic unix line editor
ii  libc62.3.5-8.1   GNU C Library: Shared libraries an
ii  libgcc1  1:4.0.2-5   GCC support library
ii  libice6  6.8.2.dfsg.1-11 Inter-Client Exchange library
ii  libkpathsea4 3.0-10.1path search library for teTeX (run
ii  libpaper11.1.14-3Library for handling paper charact
ii  libpng12-0   1.2.8rel-5  PNG library - runtime
ii  libsm6   6.8.2.dfsg.1-11 X Window System Session Management
ii  libstdc++6   4.0.2-5 The GNU Standard C++ Library v3
ii  libt1-5  5.1.0-2 Type 1 font rasterizer library - r
ii  libx11-6 6.8.2.dfsg.1-11 X Window System protocol client li
ii  libxaw8  6.8.2.dfsg.1-11 X Athena widget set library
ii  libxext6 6.8.2.dfsg.1-11 X Window System miscellaneous exte
ii  libxmu6  6.8.2.dfsg.1-11 X Window System miscellaneous util
ii  libxp6   6.8.2.dfsg.1-11 X Window System printing extension
ii  libxpm4  6.8.2.dfsg.1-11 X pixmap library
ii  libxt6   6.8.2.dfsg.1-11 X Toolkit Intrinsics
ii  mime-support 3.35-1  MIME files 'mime.types' & 'mailcap
ii  perl 5.8.7-8 Larry Wall's Practical Extraction 
ii  sed  4.1.4-4 The GNU sed stream editor
ii  tetex-base   3.0-10  Basic library files of teTeX
ii  ucf  2.004   Update Configuration File: preserv
pi  xlibs6.8.2.dfsg.1-11 X Window System client libraries m
ii  zlib1g   1:1.2.3-8   compression library - runtime

Versions of packages tetex-bin recommends:
ii  dialog1.0-20051107-1 Displays user-friendly dialog boxe
pn  libxml-parser-perl (no description available)
pn  perl-tk(no description available)
ii  psutils   1.17-21A collection of PostScript documen
ii  whiptail  0.51.6-31  Displays user-friendly dialog boxe

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]