Package: tetex-bin Version: 3.0-10.1 Severity: grave Tags: security Justification: user security hole
Multiple exploitable security problems have been found in xpdf, which are all present in tetex-bin's embedded xpdf copy as well: Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability http://www.idefense.com/application/poi/display?id=342 Multiple Vendor xpdf DCTStream Progressive Heap Overflow http://www.idefense.com/application/poi/display?id=343 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability http://www.idefense.com/application/poi/display?id=344 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability http://www.idefense.com/application/poi/display?id=345 Please reference CVE-2005-3191, CVE-2005-3192 and CVE-2005-3193 when fixing this. Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-2-686 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages tetex-bin depends on: ii debconf [debconf-2.0] 1.4.62 Debian configuration management sy ii debianutils 2.15.1 Miscellaneous utilities specific t ii dpkg 1.13.11.0.1 package maintenance system for Deb ii ed 0.2-20 The classic unix line editor ii libc6 2.3.5-8.1 GNU C Library: Shared libraries an ii libgcc1 1:4.0.2-5 GCC support library ii libice6 6.8.2.dfsg.1-11 Inter-Client Exchange library ii libkpathsea4 3.0-10.1 path search library for teTeX (run ii libpaper1 1.1.14-3 Library for handling paper charact ii libpng12-0 1.2.8rel-5 PNG library - runtime ii libsm6 6.8.2.dfsg.1-11 X Window System Session Management ii libstdc++6 4.0.2-5 The GNU Standard C++ Library v3 ii libt1-5 5.1.0-2 Type 1 font rasterizer library - r ii libx11-6 6.8.2.dfsg.1-11 X Window System protocol client li ii libxaw8 6.8.2.dfsg.1-11 X Athena widget set library ii libxext6 6.8.2.dfsg.1-11 X Window System miscellaneous exte ii libxmu6 6.8.2.dfsg.1-11 X Window System miscellaneous util ii libxp6 6.8.2.dfsg.1-11 X Window System printing extension ii libxpm4 6.8.2.dfsg.1-11 X pixmap library ii libxt6 6.8.2.dfsg.1-11 X Toolkit Intrinsics ii mime-support 3.35-1 MIME files 'mime.types' & 'mailcap ii perl 5.8.7-8 Larry Wall's Practical Extraction ii sed 4.1.4-4 The GNU sed stream editor ii tetex-base 3.0-10 Basic library files of teTeX ii ucf 2.004 Update Configuration File: preserv pi xlibs 6.8.2.dfsg.1-11 X Window System client libraries m ii zlib1g 1:1.2.3-8 compression library - runtime Versions of packages tetex-bin recommends: ii dialog 1.0-20051107-1 Displays user-friendly dialog boxe pn libxml-parser-perl <none> (no description available) pn perl-tk <none> (no description available) ii psutils 1.17-21 A collection of PostScript documen ii whiptail 0.51.6-31 Displays user-friendly dialog boxe -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
