pdftohtml includes xpdf code and therefore might be vulnerable to CAN-2004-1125. Please see bug 75191 for the patch. Robin, you did the last security bump, could you please look into it ?
pdftohtml contains xpdf 2.02 and the vulnerability is verified for 3.00 Nevertheless the patch applies cleanly except for the last part (GfxState.cc lines 1054,1060), which is just a slight change in an error message afaict.
Robin: please apply patch and bump
patch in cvs now. sparc,ppc,amd64,ppc64 need to mark stable.
Thx Robin. ppc, ppc64, sparc: please test and mark 0.36-r2 stable
stable on ppc64
stable on ppc.
Stable on sparc
GLSA 200501-13