Hi
Thanks Steve for those links. I have an O2 running IRIX 6.5 at work used for molecular modelling (typical uni setup - connected straight to net too). I didn't know of that of that vulnerability. Hence your reply was useful. I'll check it. Thanks
Steve Langasek wrote:
On Mon, Mar 01, 2004 at 12:48:35PM +1100, Michael Lake wrote:
Steve Langasek wrote:
The Acrobat Reader software has serious security problems that Adobe has expressed a lack of interest in correcting. It's recommended that you use xpdf instead, and report any bugs to the very responsive maintainer.
Can you provide some links/refs or brief description of the security problems? What are they? I understand that PostScript can contain virii as its a full programming language but PDF is less that that. What can it do thats nasty?
A little googling turned up this reference to the Irix security advisory for the problem:
http://www.auscert.org.au/render.html?it=2311&cid=1
At the time, attempts to persuade Adobe to release a fixed version of the software for Linux failed, and the license is sufficiently non-free that we couldn't fix the problem locally at the time (and can't distribute the software at all now, in any case).
There's also http://bugs.debian.org/137997, a bug about static linking with a buggy zlib (which may have been fixed by Adobe since).
Regards,
-- Mike Lake Caver, Linux enthusiast and interested in anything technical.
