Gentoo Bug 120451 - app-text/xpdf possible second round this year (CVE-2006-0301) (Vendor-sec)

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bug#:	120451
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	DUPLICATE of bug 120985
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
xpdf-splash-overflow.diff	xpdf-splash-overflow.diff	patch	Sune Kloppenborg Jeppesen	2006-01-26 11:48 0000	1.35 KB	Details \| Diff
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 120451 depends on:			Show dependency tree
Bug 120451 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED DUPLICATE
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2006-01-26 11:45 0000

Reported on V-S by Dirk Mueller from KDE

[shortening CC]

> I'm attaching a patch file which I believe covers all of the issues
> that have been raised with Xpdf.

I don't think it fixes the problem with invalid coordinates in splash 
handling, for which I attach my patch. 

example exploit:  http://www.marantz.com/pdfs/g_sr7500_man.pdf
(page 12 produces a heap buffer overflow).

------- Comment #1 From Sune Kloppenborg Jeppesen 2006-01-26 11:48:13 0000 -------

Created an attachment (id=78206) [details]
xpdf-splash-overflow.diff

------- Comment #2 From Sune Kloppenborg Jeppesen 2006-01-26 11:50:31 0000 -------

Printing please advise which packages this affects.

I propose to hold off patching until we have an official upstream fix.

------- Comment #3 From Stefan Schweizer 2006-01-26 12:14:56 0000 -------

my kpdf crashes on that page, too. Seems poppler is affected.

------- Comment #4 From Daniel Gryniewicz 2006-01-27 12:21:36 0000 -------

All of evince/poppler 0.5.0, gpdf-2.10.0-r2, and xpdf-3.01-r6 display that
entire file fine for me.

------- Comment #5 From Sune Kloppenborg Jeppesen 2006-01-27 13:17:09 0000 -------

kpdf crashes here as well.

------- Comment #6 From Sune Kloppenborg Jeppesen 2006-01-31 02:39:12 0000 -------

Handling this on public bug #120985

*** This bug has been marked as a duplicate of 120985 ***

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bugzilla Bug 120451

app-text/xpdf possible second round this year (CVE-2006-0301) (Vendor-sec)

Last modified: 2006-01-31 02:39:12 0000