[Secure-testing-commits] r628 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Wed, 23 Mar 2005 19:06:23 +0100
Author: joeyh
Date: 2005-03-23 19:06:18 +0100 (Wed, 23 Mar 2005)
New Revision: 628
Modified:
sarge-checks/CAN/list
Log:
tetex-bin is not vulnerable to CAN-2005-0206
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-23 16:26:04 UTC (rev 627)
+++ sarge-checks/CAN/list 2005-03-23 18:06:18 UTC (rev 628)
@@ -2320,7 +2320,9 @@
- kernel-image-2.6.8-ia64 2.6.8-13
- kernel-image-2.6.8-i386 2.6.8-15
CAN-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 ...)
- - tetex-bin (unfixed; bug #300182)
+ NOTE: turns out that tetex was patched for CAN-2004-0888 with
+ NOTE: a fixed patch from the beginning
+ - tetex-bin tetex-bin 2.0.2-23
TODO: check other packages
NOTE: Also needs to be checked in pdftex (in tetex-bin) gpdf, kpdf/kdegraphics, cupsysnd and pdftohtml all have xpdf code
NOTE: found this: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393