Debian
xpdf package

xpdf 3.02-1.4+lenny2 source package in Debian

Changelog

xpdf (3.02-1.4+lenny2) stable-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Fixes multiple security issues (Closes: #551287):
    - CVE-2009-1188 and CVE-2009-3603:
      Integer overflow in SplashBitmap::SplashBitmap which might allow remote
      attackers to execute arbitrary code or an application crash via a crafted
      PDF document.
    - CVE-2009-3604:
      NULL pointer dereference or heap-based buffer overflow in 
      Splash::drawImage which might allow remote attackers to cause a denial of
      service (application crash) or possibly execute arbitrary code via a 
      crafted PDF document. 
    - CVE-2009-3606:
      Integer overflow in the PSOutputDev::doImageL1Sep which might allow 
      remote attackers to execute arbitrary code via a crafted PDF document.
    - CVE-2009-3608:
      Integer overflow in the ObjectStream::ObjectStream which might allow 
      remote attackers to execute arbitrary code via a crafted PDF document.
    - CVE-2009-3609:
      Integer overflow in the ImageStream::ImageStream which might allow 
      remote attackers to cause a denial of service via a crafted PDF
      document.

 -- Luciano Bello <email address hidden>  Mon, 22 Mar 2010 17:07:50 -0300

Upload details

Uploaded by:
Hamish Moffatt
Uploaded to:
Lenny
Original maintainer:
Hamish Moffatt
Architectures:
any
Section:
text
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
xpdf_3.02-1.4+lenny2.dsc 1.2 KiB ab9f38563ad8dd6d1c5a06cd7aeea07184eddc33be6a5ac26e9ea33253092add
xpdf_3.02.orig.tar.gz 659.1 KiB b33a7d56f454c331ae50996f989e86c9166e57af97b74de28cddf3d51ac11f00
xpdf_3.02-1.4+lenny2.diff.gz 43.6 KiB 4f08f07b26625f3952583455bc7d286b14aa887e853c5273a6b712ddc3a0f929

No changes file available.

Binary packages built by this source