-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 09 Nov 2007 09:22:19 +0100 Source: xpdf Binary: xpdf-utils xpdf xpdf-reader xpdf-common Architecture: source i386 all Version: 3.02-1.3 Distribution: unstable Urgency: high Maintainer: Hamish Moffatt <[EMAIL PROTECTED]> Changed-By: Nico Golde <[EMAIL PROTECTED]> Description: xpdf - Portable Document Format (PDF) suite xpdf-common - Portable Document Format (PDF) suite -- common files xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11 xpdf-utils - Portable Document Format (PDF) suite -- utilities Closes: 450629 Changes: xpdf (3.02-1.3) unstable; urgency=high . * Non-maintainer upload by testing security team. * Included fix-CVE-2007-5393_2007-5392_2007-4352.dpatch to address the following security issues (Closes: #450629) - CVE-2007-5393 buffer overflow in the CCITTFaxStream::lookChar leading to arbitrary code execution via a crafted pdf file. - CVE-2007-5392 integer overflow in the DCTStream::reset resulting in a heap based buffer overflow allows code execution. - CVE-2007-4352 array index error in DCTStream::readProgressiveDataUnit leads to memory corruption and possibly arbitrary code execution. Files: 04630760081b60af98ab4f477607d362 872 text optional xpdf_3.02-1.3.dsc 424a2ae72f005f718c25fedee9f8b4f3 37396 text optional xpdf_3.02-1.3.diff.gz 353fa4f41c1663c4216d6874557abf6a 1262 text optional xpdf_3.02-1.3_all.deb fdde4ea9fb5e8d3c87531f21007a6ef6 66486 text optional xpdf-common_3.02-1.3_all.deb 309a74068b4ce18ca2aebd8d291234ef 862622 text optional xpdf-reader_3.02-1.3_i386.deb 1220159d03ad9debf972e0f3ba6c3102 1585026 text optional xpdf-utils_3.02-1.3_i386.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHNt3+HYflSXNkfP8RAkCUAJ4zwH0Sf95NUhTWoHG6s/SlUNs1XACfa1I4 Mrtri9zm+D6+aG7JPyNgm/0= =3QPW -----END PGP SIGNATURE----- Accepted: xpdf-common_3.02-1.3_all.deb to pool/main/x/xpdf/xpdf-common_3.02-1.3_all.deb xpdf-reader_3.02-1.3_i386.deb to pool/main/x/xpdf/xpdf-reader_3.02-1.3_i386.deb xpdf-utils_3.02-1.3_i386.deb to pool/main/x/xpdf/xpdf-utils_3.02-1.3_i386.deb xpdf_3.02-1.3.diff.gz to pool/main/x/xpdf/xpdf_3.02-1.3.diff.gz xpdf_3.02-1.3.dsc to pool/main/x/xpdf/xpdf_3.02-1.3.dsc xpdf_3.02-1.3_all.deb to pool/main/x/xpdf/xpdf_3.02-1.3_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]