Viewing all changes in revision 5.
- Committer: Bazaar Package Importer
- Date: 2005-12-09 16:18:23 UTC
- Revision ID: james.westby@ubuntu.com-20051209161823-t94po5kkcwvijcpa
* SECURITY UPDATE: Multiple integer/buffer overflows.
* xpdf/Stream.cc, DCTStream::readBaselineSOF(),
DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
- Check numComps for invalid values.
- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
- CVE-2005-3191
* xpdf/Stream.cc, StreamPredictor::StreamPredictor():
- Check rowBytes for invalid values.
- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
- CVE-2005-3192
* xpdf sources do not contain JPXStream.cc, and are thus
not vulnerable against CVE-2005-3193
* xpdf/Stream.cc, DCTStream::readBaselineSOF(),
DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
- Check numComps for invalid values.
- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
- CVE-2005-3191
* xpdf/Stream.cc, StreamPredictor::StreamPredictor():
- Check rowBytes for invalid values.
- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
- CVE-2005-3192
* xpdf sources do not contain JPXStream.cc, and are thus
not vulnerable against CVE-2005-3193
- files added:
- debian/patches/kubuntu_02_xpdf_vulnerability.diff
- files modified:
- debian/changelog
expand all
collapse all
added
removed
