-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 31 Mar 2008 07:24:10 +0000 Source: xpdf Binary: xpdf-utils xpdf xpdf-reader xpdf-common Architecture: source amd64 all Version: 3.01-9.1+etch2 Distribution: stable-security Urgency: high Maintainer: Hamish Moffatt <hamish@debian.org> Changed-By: Devin Carraway <devin@debian.org> Description: xpdf - Portable Document Format (PDF) suite xpdf-common - Portable Document Format (PDF) suite -- common files xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11 xpdf-utils - Portable Document Format (PDF) suite -- utilities Changes: xpdf (3.01-9.1+etch2) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * Packport upstream 3.0pl2 patch (35_3.02pl2.dpatch): - CVE-2007-4352: Inadequate data validation in DCTStream::reset(), allowing use of an invalid array index, causing memory corruption and potentially the execution of arbitrary code - CVE-2007-5392: Integer overflow vulnerability in DCTStream::reset(), allowing a buffer overflow on the heap, potentially allowing execution of arbitrary code - CVE-2007-5393: Buffer overflow vulnerability in CCITTFaxStream::lookChar(), potentially allowing execution of arbitrary code Files: e67bcc829b980bc91168137c5f7c8ff0 974 text optional xpdf_3.01-9.1+etch2.dsc aab7a1116e3267fad270dda3c77d79ea 38819 text optional xpdf_3.01-9.1+etch2.diff.gz b45afbdf7fb24ada4e657dba2a8c8243 1280 text optional xpdf_3.01-9.1+etch2_all.deb e5390719b5e1ccf8d7693a62ec34acfd 61314 text optional xpdf-common_3.01-9.1+etch2_all.deb e72df10c4736d9ea929118a7a70dfff3 795110 text optional xpdf-reader_3.01-9.1+etch2_amd64.deb fb1b065bf8436387895bcd70327a531a 1456842 text optional xpdf-utils_3.01-9.1+etch2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFH8KHFU5XKDemr/NIRAiv4AKDlvsTbJ6+Cg++XZVzzpnkXTqBimwCfY7X8 6vOrbtUva330UfUnCfcaC68= =UdoB -----END PGP SIGNATURE----- Accepted: xpdf-common_3.01-9.1+etch2_all.deb to pool/main/x/xpdf/xpdf-common_3.01-9.1+etch2_all.deb xpdf-reader_3.01-9.1+etch2_amd64.deb to pool/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_amd64.deb xpdf-utils_3.01-9.1+etch2_amd64.deb to pool/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_amd64.deb xpdf_3.01-9.1+etch2.diff.gz to pool/main/x/xpdf/xpdf_3.01-9.1+etch2.diff.gz xpdf_3.01-9.1+etch2.dsc to pool/main/x/xpdf/xpdf_3.01-9.1+etch2.dsc xpdf_3.01-9.1+etch2_all.deb to pool/main/x/xpdf/xpdf_3.01-9.1+etch2_all.deb