-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 23 Nov 2004 13:17:51 +0100 Source: tetex-bin Binary: libkpathsea3 tetex-bin libkpathsea-dev Architecture: source i386 Version: 2.0.2-24 Distribution: unstable Urgency: high Maintainer: teTeX maintainers <debian-tetex-maint@lists.debian.org> Changed-By: Frank Küster <frank@debian.org> Description: libkpathsea-dev - path search library for teTeX (devel part) libkpathsea3 - path search library for teTeX (runtime part) tetex-bin - The teTeX binary files Closes: 279713 280467 280727 281388 Changes: tetex-bin (2.0.2-24) unstable; urgency=high . * SECURITY UPDATE: more buffer overflows in xpdf library, thanks to Martin Pitt <mpitt@debian.org> for the tetex-bin-specific patch, which fixes more integer overflows discovered by Markus Meissner <meissner@suse.de>, thanks to him for discovering this. * Added debian/patches/patch-CAN-2004-0888. This patch contains the first fix included in the last upload, as well as the additional fixes from this upload, which are: - libs/xpdf/goo/gmem.[ch]: change declarations of gmalloc and grealloc to use size_t instead of int; int truncated sizes to 32 bits, which made xpdf still vulnerable to integer (and eventually buffer) overflow attacks on 64 bit platforms like amd64. - libs/xpdf/xpdf/XRef.cc: fix several unchecked negative integer conditions - References: CAN-2004-0888 [frank] * Create temporary directory safely in the Debian-speicfic patch to texdoc [frank] * Fix outdated file locations in manpage for cweb, ctangle, and cweave (closes: #280467) [frank] * Translations: - added italian translation, thanks to Luca Monducci <luca.mo@tiscali.it> (closes: #279713) [frank] - added lithuanian translation, thanks to KÄstutis BiliÅ«nas <kebil@kaunas.init.lt> (closes: #280727) [frank] - corrected typo in german translation, thanks to Erik Schanze <schanzi_usenet@gmx.de> (closes: #281388) [frank] Files: 596efe3b10dc10294dde7468c841fed8 1044 tex optional tetex-bin_2.0.2-24.dsc eeac52ad3cd397ca10906dbdff89b974 123536 tex optional tetex-bin_2.0.2-24.diff.gz d9dae6f1252ed5de384e179699f6a8cc 3934814 tex optional tetex-bin_2.0.2-24_i386.deb 67643997082eee1bd733da255f2bf232 57864 libs optional libkpathsea3_2.0.2-24_i386.deb 3f99dc157de1bdcdb2df8da3187ceafe 66244 libdevel optional libkpathsea-dev_2.0.2-24_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBqyIJ+xs9YyJS+hoRAlrYAJ4jG3HhC1YK1XKEZir3FgSfH9fYNACaA/RT 6Ne+aKupNvHnnQPpPS2geVo= =ySkz -----END PGP SIGNATURE----- Accepted: libkpathsea-dev_2.0.2-24_i386.deb to pool/main/t/tetex-bin/libkpathsea-dev_2.0.2-24_i386.deb libkpathsea3_2.0.2-24_i386.deb to pool/main/t/tetex-bin/libkpathsea3_2.0.2-24_i386.deb tetex-bin_2.0.2-24.diff.gz to pool/main/t/tetex-bin/tetex-bin_2.0.2-24.diff.gz tetex-bin_2.0.2-24.dsc to pool/main/t/tetex-bin/tetex-bin_2.0.2-24.dsc tetex-bin_2.0.2-24_i386.deb to pool/main/t/tetex-bin/tetex-bin_2.0.2-24_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
