-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2007-11-13 10:07:37 UTC
-
Revision ID:
james.westby@ubuntu.com-20071113100737-ips556puil8lm5cb
Tags: 0.5.1-0ubuntu7.3
* SECURITY UPDATE: out of bounds array access causes memory corruption via
a crafted PDF file
* fix for DCTStream::readScanInfo() in Stream.cc to properly check
boundaries
* SECURITY UPDATE: integer overflow resulting in heap-based overflow and
potential arbitrary code execution via crafted PDF file
* fix for DCTStream::reset() in Stream.cc to properly check width and height
* SECURITY UPDATE: boundary error in lookChar() resulting in heap-based
overflow and potential arbitrary code execution via crafted PDF file
* fixes for CCITTFaxStream::CCITTFaxStream and CCITTFaxStream::lookChar() in
Stream.cc to properly check boundary conditions. This also includes
upstream refactoring for easier maintenance.
* References
CVE-2007-4352
CVE-2007-5392
CVE-2007-5393