-
Committer:
Bazaar Package Importer
-
Author(s):
Jonathan Riddell
-
Date:
2005-12-09 16:18:23 UTC
-
Revision ID:
james.westby@ubuntu.com-20051209161823-t94po5kkcwvijcpa
Tags: 1:1.4.1-0ubuntu7.1
* SECURITY UPDATE: Multiple integer/buffer overflows.
* xpdf/Stream.cc, DCTStream::readBaselineSOF(),
DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
- Check numComps for invalid values.
- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
- CVE-2005-3191
* xpdf/Stream.cc, StreamPredictor::StreamPredictor():
- Check rowBytes for invalid values.
- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
- CVE-2005-3192
* xpdf sources do not contain JPXStream.cc, and are thus
not vulnerable against CVE-2005-3193