Summary: | kde-base/kdegraphics: kpdf Buffer Overflow Vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thierry Carrez (RETIRED) <koon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | kde |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.kde.org/info/security/advisory-20041223-1.txt | ||
Whiteboard: | A2 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 72750 | ||
Bug Blocks: |
Description
Thierry Carrez (RETIRED)
2004-12-21 09:10:25 UTC
hasn't this already been fixed and GLSA'd? ...or is this a new vulnerability? A new vulnerability in xpdf that might affect kde. I think koon meant kpdf and not kfax. kpdf seem to include the vulnerable code and the patch applies cleanly upstream has been notified kde, pls provide an updated ebuild *** Bug 75301 has been marked as a duplicate of this bug. *** KDE security advisory published: http://www.kde.org/info/security/advisory-20041223-1.txt Thx Mathias. Kde please provide an updated ebuild. updated: kdegraphics-3.2.3-r3, kdegraphics-3.3.2-r1 Thx Caleb. Arches please mark kdegraphics-3.2.3-r3 stable. Handling stable marking of 3.3.2 on bug #72750 Stable on hppa. kdegraphics-3.3.2-r1 has already been marked stable on amd64 by Dylan. 3.3.2-r1 already stable on alpha. sparc please mark 3.2.3-r3 and 3.3.2-r1 stable. amd64 please mark 3.2.3-r3 stable if possible or GLSA should get an amd64 specific affected version section. Stable on amd64 Just letting you know that sparc is looking into this. Been having some problems with kicker crashing on startup that seem to affect both 3.2.3 and 3.3.x. Trying to isolate this. GLSA 200501-17 Stable on sparc sparc stable closing with GLSA 200501-17 And now fixed in the right order. |