Gentoo Bug 118665 - media-libs/libextractor possibly includes vulnerable Xpdf code

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bug#:	118665
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 118665 depends on:			Show dependency tree
Bug 118665 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2006-01-11 07:28 0000

Could be affected by:

Bug #117481
GLSA 200512-08
GLSA 200508-08
GLSA 200501-28
GLSA 200412-24
GLSA 200410-20

net-p2p please advise.

------- Comment #1 From Sune Kloppenborg Jeppesen 2006-01-16 14:48:15 0000 -------

Please provide an updated ebuild.

[23:40:05] <@mkay> jaervosz: yep - libextractor is affected

------- Comment #2 From Marcin Kryczek (RETIRED) 2006-01-16 15:08:39 0000 -------

i've just added 0.5.9 (which is unaffected by this problem) to cvs. please mark
stable

------- Comment #3 From Marcin Kryczek (RETIRED) 2006-01-16 15:30:32 0000 -------

stable on x86

------- Comment #4 From Jason Wever (RETIRED) 2006-01-16 18:31:35 0000 -------

SPARC'd

------- Comment #5 From Sune Kloppenborg Jeppesen 2006-01-16 22:48:58 0000 -------

Thx, this one is ready for GLSA. Perhaps we should bundle it with some of the
other xpdf issues?

------- Comment #6 From Thierry Carrez (RETIRED) 2006-01-18 00:57:10 0000 -------

Yes, I would bundle it with pdftohtml and/or tetex (those which didn't get an
advisory in December) as the description of those should include the two
issues.

------- Comment #7 From Sune Kloppenborg Jeppesen 2006-01-30 14:39:28 0000 -------

GLSA 200601-17

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bugzilla Bug 118665

media-libs/libextractor possibly includes vulnerable Xpdf code

Last modified: 2006-01-30 14:39:28 0000