Accepted tetex-bin 2.0.2-23ubuntu1 (source)
Martin Pitt
mpitt at debian.org
Mon Nov 1 08:50:04 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 1 Nov 2004 15:14:34 +0100
Source: tetex-bin
Binary: libkpathsea3 tetex-bin libkpathsea-dev
Architecture: source
Version: 2.0.2-23ubuntu1
Distribution: hoary
Urgency: low
Maintainer: teTeX maintainers <debian-tetex-maint at lists.debian.org>
Changed-By: Martin Pitt <mpitt at debian.org>
Description:
libkpathsea-dev - path search library for teTeX (devel part)
libkpathsea3 - path search library for teTeX (runtime part)
tetex-bin - The teTeX binary files
Changes:
tetex-bin (2.0.2-23ubuntu1) hoary; urgency=low
.
* SECURITY UPDATE: more buffer overflows in xpdf library
* Fixed more integer overflows discovered by Markus Meissner
<meissner at suse.de>, thanks to him for discovering this.
* Added debian/patches/patch-more-CAN-2004-0888:
- libs/xpdf/goo/gmem.[ch]: change declarations of gmalloc and grealloc to
use size_t instead of int; int truncated sizes to 32 bits, which made
xpdf still vulnerable to integer (and eventually buffer) overflow
attacks on 64 bit platforms like amd64.
- libs/xpdf/xpdf/XRef.cc: fix several unchecked negative integer conditions
* References:
CAN-2004-0888
Files:
25daa38f0c03c00ae053deef4040ab97 1058 tex optional tetex-bin_2.0.2-23ubuntu1.dsc
0cbdc290412d36ef9ee5732372a03936 167440 tex optional tetex-bin_2.0.2-23ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBhkXeDecnbV4Fd/IRAqTHAKDPE3XdeBXrTprIU+DyJISfE9tdaQCg/ChP
8EEVUS7tcg0aZRK5Yb7MMLg=
=kD7n
-----END PGP SIGNATURE-----
Accepted:
tetex-bin_2.0.2-23ubuntu1.diff.gz
to pool/main/t/tetex-bin/tetex-bin_2.0.2-23ubuntu1.diff.gz
tetex-bin_2.0.2-23ubuntu1.dsc
to pool/main/t/tetex-bin/tetex-bin_2.0.2-23ubuntu1.dsc
More information about the hoary-changes
mailing list