Viewing all changes in revision 19.
- Committer: Bazaar Package Importer
- Date: 2007-12-04 10:53:07 UTC
- Revision ID: james.westby@ubuntu.com-20071204105307-ryd6h5vsj6ii3gun
* SECURITY UPDATE: improper bounds on static buffer results in stack-based
buffer overflow
* debian/patches/SECURITY_CVE-2007-5935.patch: make sure tmpbuf is allocated
enough memory in texk/dvipsk/hps.c
* SECURITY UPDATE: temporary file race condition in dviljk due to use of
tmpnam()
* SECURITY UPDATE: various buffer overflows in dviljk due to not checking
memory boundaries
* debian/patches/SECURITY_CVE-2007-5936+5937.patch: use mkdtemp() if
available in dvi2xx.c. Replace calls to strcpy() and do proper bounds
checking in dvi2xx.*.
* Modify Maintainer value to match the DebianMaintainerField
specification.
* debian/control: Build-Depends on libcairo2-dev
* References
CVE-2007-5935
CVE-2007-5936
CVE-2007-5937
buffer overflow
* debian/patches/SECURITY_CVE-2007-5935.patch: make sure tmpbuf is allocated
enough memory in texk/dvipsk/hps.c
* SECURITY UPDATE: temporary file race condition in dviljk due to use of
tmpnam()
* SECURITY UPDATE: various buffer overflows in dviljk due to not checking
memory boundaries
* debian/patches/SECURITY_CVE-2007-5936+5937.patch: use mkdtemp() if
available in dvi2xx.c. Replace calls to strcpy() and do proper bounds
checking in dvi2xx.*.
* Modify Maintainer value to match the DebianMaintainerField
specification.
* debian/control: Build-Depends on libcairo2-dev
* References
CVE-2007-5935
CVE-2007-5936
CVE-2007-5937
expand all
collapse all
added
removed
