-----BEGIN PGP SIGNED MESSAGE----- Format: 1.7 Date: Mon, 8 Nov 2004 00:23:22 +1100 Source: xpdf Binary: xpdf-utils xpdf xpdf-reader xpdf-common Architecture: source i386 all Version: 3.00-10 Distribution: unstable Urgency: high Maintainer: Hamish Moffatt <[EMAIL PROTECTED]> Changed-By: Hamish Moffatt <[EMAIL PROTECTED]> Description: xpdf - Portable Document Format (PDF) suite xpdf-common - Portable Document Format (PDF) suite -- common files xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11 xpdf-utils - Portable Document Format (PDF) suite -- utilities Closes: 278693 279292 Changes: xpdf (3.00-10) unstable; urgency=high . * SECURITY UPDATE: fix potential buffer overflow * goo/gmem.[ch]: change declarations of gmalloc and grealloc to use size_t instead of int; int truncated sizes to 32 bits, which made xpdf still vulnerable to integer (and eventually buffer) overflow attacks on 64 bit platforms like amd64. * Thanks to Marcus Meissner <[EMAIL PROTECTED]> for providing the patch and Martin Pitt <[EMAIL PROTECTED]> for providing the changes for Debian in the form of 3.00-9ubuntu2 * References: CAN-2004-0889 (incomplete fix in version 3.00-9) . * Incorporated patch from Arnaud Giersch to fix crashes with certain PDFs (closes: #278693, #279292) Files: b0a88d088a23bd52f0d182d481987582 879 text optional xpdf_3.00-10.dsc a74ead163052cdeb1cada5918b201050 46755 text optional xpdf_3.00-10.diff.gz f1b2c7a1c14819e147be33f84f6bbfdf 1274 text optional xpdf_3.00-10_all.deb 6fb0d7d8a4c99e53fda6401b51a1bce0 55914 text optional xpdf-common_3.00-10_all.deb ad810a764584eb506e8ad06cb1b0f70f 654980 text optional xpdf-reader_3.00-10_i386.deb e3fb456f88b630a08eac2c605530ccbc 1238114 text optional xpdf-utils_3.00-10_i386.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iQCVAwUBQY4kD9iYIdPvprnVAQG43QP+OmSwh8+RixrW+NIQ5O+BT9Gt0LdNXtLJ 4lKZNLyPHysr5Cc6R3XHPIkISuwrP1I/OXV6W4BHE9yDaCq66V/sQ2ywaGwkqsMZ S6yA25NYfxIC+C+eVq/ByL/02YjA5riWKx3kTkuugdVltFnqEqxMAZBLxLgexRUW Kww21x8iivg= =cQHZ -----END PGP SIGNATURE----- Accepted: xpdf-common_3.00-10_all.deb to pool/main/x/xpdf/xpdf-common_3.00-10_all.deb xpdf-reader_3.00-10_i386.deb to pool/main/x/xpdf/xpdf-reader_3.00-10_i386.deb xpdf-utils_3.00-10_i386.deb to pool/main/x/xpdf/xpdf-utils_3.00-10_i386.deb xpdf_3.00-10.diff.gz to pool/main/x/xpdf/xpdf_3.00-10.diff.gz xpdf_3.00-10.dsc to pool/main/x/xpdf/xpdf_3.00-10.dsc xpdf_3.00-10_all.deb to pool/main/x/xpdf/xpdf_3.00-10_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]