Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote: > Frank Küster wrote: >> >> Package: xpdf-reader >> >> Version: 3.00-14 >> >> Severity: important >> >> Tags: security >> >> >> >> A DoS vulnerability has been found in xpdf: PDFs with specially crafted >> >> loca tables can fill up /tmp. It seems as if the upcoming 3.01 will >> >> contain a patch. >> > >> > Thanks for the heads-up. I'll be sure to upload 3.01 as soon as it's >> > released. The work I did in 3.00-14 (ie switching to dpatch) should make >> > it fairly easy to migrate to the new version. >> >> There's already a patch at ftp://ftp.kde.org/pub/kde/security_patches/, >> I'm attaching it along with the signature file. > > Ubuntu has an xpdf specific patch as well.
I's be surprised if the difference in the patch would be more than different -p options, and different names for the removed leading directories. In other words, if this is the case, please inform me! Regards, Frank -- Frank Küster Inst. f. Biochemie der Univ. Zürich Debian Developer
