USN-390-1/2 apply to evince-gtk as well
Bug #74646 reported by
Oliver Brakmann
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| evince-gtk (Ubuntu) |
Fix Released
|
High
|
Kees Cook | ||
Bug Description
In USN-390-1 and -2, only the evince package was updated, however the evince-gtk package in use by the Xubuntu desktop was not. Since the only difference between those two packages is the removal of gnome dependencies in evince-gtk, I suppose it uses the same PS processor as the regular evince package and is thus affected as well by the buffer overflow.
Revision history for this message
| Kees Cook (kees) wrote | #1 |
Revision history for this message
| Martin Pitt (pitti) wrote | #2 |
| Changed in evince-gtk: | |
| importance: | Undecided → High |
| status: | Unconfirmed → Confirmed |
| Changed in evince-gtk: | |
| importance: | High → Undecided |
| status: | Confirmed → In Progress |
| Changed in evince-gtk: | |
| assignee: | nobody → keescook |
| importance: | Undecided → High |
| status: | In Progress → Fix Committed |
Revision history for this message
| Kees Cook (kees) wrote | #3 |
| Changed in evince-gtk: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Thank you for the heads up! And to think this is entirely from code in "gv" that was originally vulnerable. :)
I will get fixes made for evince-gtk as well. Thanks again for catching this.