Accepted: xpdf 3.02-1.3ubuntu1 (source)

Andrea Gasparini gaspa at yattaweb.it
Sat Nov 17 10:26:11 GMT 2007 

Accepted:
 OK: xpdf_3.02.orig.tar.gz
 OK: xpdf_3.02-1.3ubuntu1.diff.gz
 OK: xpdf_3.02-1.3ubuntu1.dsc
     -> Component: universe Section: text

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 12 Nov 2007 18:51:03 +0100
Source: xpdf
Binary: xpdf-utils xpdf xpdf-reader xpdf-common
Architecture: source
Version: 3.02-1.3ubuntu1
Distribution: hardy
Urgency: high
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Andrea Gasparini <gaspa at yattaweb.it>
Description: 
 xpdf       - Portable Document Format (PDF) suite
 xpdf-common - Portable Document Format (PDF) suite -- common files
 xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11
 xpdf-utils - Portable Document Format (PDF) suite -- utilities
Closes: 450629
Changes: 
 xpdf (3.02-1.3ubuntu1) hardy; urgency=low
 .
   * Merge from Debian unstable. Remaining Ubuntu changes:
       - Patch 09_xpdfrc_manpage.dpatch for xpdfrc.5
       - Set maintainer to MOTU
 .
 xpdf (3.02-1.3) unstable; urgency=high
 .
   * Non-maintainer upload by testing security team.
   * Included fix-CVE-2007-5393_2007-5392_2007-4352.dpatch to address the
     following security issues (Closes: #450629)
     - CVE-2007-5393 buffer overflow in the CCITTFaxStream::lookChar leading
       to arbitrary code execution via a crafted pdf file.
     - CVE-2007-5392 integer overflow in the DCTStream::reset resulting in a
       heap based buffer overflow allows code execution.
     - CVE-2007-4352 array index error in DCTStream::readProgressiveDataUnit
       leads to memory corruption and possibly arbitrary code execution.
Files: 
 d4cf9d1602d4c617ed868a8a62524b52 961 text optional xpdf_3.02-1.3ubuntu1.dsc
 90b82e5ca76045c1bc9f31f31ac4bc4a 37756 text optional xpdf_3.02-1.3ubuntu1.diff.gz
Original-Maintainer: Hamish Moffatt <hamish at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHPsBlnXjXEYa8KlARAnufAJ9/cJ5Sye8Rr60Gk/GBB/W67INTzQCfQojU
Zdk665GkEQwNdbkPEIrmTIw=
=bZOR
-----END PGP SIGNATURE-----

More information about the Hardy-changes mailing list