[Secure-testing-commits] r628 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Wed, 23 Mar 2005 19:06:23 +0100


Author: joeyh
Date: 2005-03-23 19:06:18 +0100 (Wed, 23 Mar 2005)
New Revision: 628

Modified:
   sarge-checks/CAN/list
Log:
tetex-bin is not vulnerable to CAN-2005-0206


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-03-23 16:26:04 UTC (rev 627)
+++ sarge-checks/CAN/list	2005-03-23 18:06:18 UTC (rev 628)
@@ -2320,7 +2320,9 @@
 	- kernel-image-2.6.8-ia64 2.6.8-13
 	- kernel-image-2.6.8-i386 2.6.8-15
 CAN-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 ...)
-	- tetex-bin (unfixed; bug #300182)
+	NOTE: turns out that tetex was patched for CAN-2004-0888 with
+	NOTE: a fixed patch from the beginning
+	- tetex-bin tetex-bin 2.0.2-23
 	TODO: check other packages
 	NOTE: Also needs to be checked in pdftex (in tetex-bin) gpdf, kpdf/kdegraphics, cupsysnd and pdftohtml all have xpdf code 
 	NOTE: found this: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393