Summary: | app-text/gpdf is probably affected by new xpdf vuln | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thierry Carrez (RETIRED) <koon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | gnome |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Thierry Carrez (RETIRED)
2004-12-21 09:07:46 UTC
gpdf includes xpdf 3.00 with the vulnerable code gnome herd, pls provide an updated ebuild with the patches from bug 75191 Added gpdf-2.8.1-r1 to the tree with gpdf-xpdf-CAN-2004-1125.patch. Thanks for the heads up. thanks Joe security, this seems ready for a GLSA, since maintainer has kept keywords Maybe we can combine this with the other xpdf related bugs? not all archs are stable yet, cc'ing them. Disclaimer: careful with moving over stable keywords, it wouldn't be the first time it broke (recent example = php). Ok, sparc stable. PPC stable. amd64 done Back to [stable] status : not ready yet, still missing a necessary keyword (alpha). Stable on alpha. Stable on hppa. GLSA 200412-24 ia64, mips : please mark gpdf stable to benefit from GLSA Stable on mips. btw, this was http://bugzilla.gnome.org/show_bug.cgi?id=162084 a fixed gpdf 2.8.2 is supposed to follow today |