Gentoo Bug 78251 - app-text/tetex: one more vulnerability in xpdf

First Last Prev Next No search results available Search page Enter new bug

Bug#:	78251
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	DUPLICATE of bug 75801
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Thierry Carrez (RETIRED) <koon@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
CAN-2005-0064.patch	CAN-2005-0064.patch	patch	Thierry Carrez (RETIRED)	2005-01-16 11:27 0000	773 bytes	Details \| Diff
tetex-portage-overlay.tar.bz2	tetex-portage-overlay.tar.bz2	application/octet-stream	MATSUU Takuto	2005-01-18 07:51 0000	9.37 KB	Details
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 78251 depends on:			Show dependency tree
Bug 78251 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED DUPLICATE
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2005-01-16 11:26 0000

Hello usata & matsuu,
I know you are busy with our security bug 75801, but now there is one more xpdf vulnerability to patch. This is still confidential, so you just can't commit it to portage, but please improve on the ebuilds posted on bug 75801 and attach them here. We'll call for arch testing and try to be ready for disclosure date, on Jan 18. Maybe it's just better to attach a portage-overlay-tarball with all the files and ebuilds necessary to test.

------- Comment #1 From Thierry Carrez (RETIRED) 2005-01-16 11:27:49 0000 -------

Created an attachment (id=48671) [details]
CAN-2005-0064.patch

Patch on xpdf by RedHat.

------- Comment #2 From Thierry Carrez (RETIRED) 2005-01-18 06:51:28 0000 -------

Better wait for the upstream official patch...

------- Comment #3 From MATSUU Takuto 2005-01-18 07:51:09 0000 -------

Created an attachment (id=48841) [details]
tetex-portage-overlay.tar.bz2

------- Comment #4 From Thierry Carrez (RETIRED) 2005-01-19 00:31:48 0000 -------

Matsuu: I am sorry, it was discovered that the CAN-2005-0064.patch is not
sufficient, and we should apply the official xpdf upstream patch. I regrouped
all tetex security issue in bug 75801 now that they are all public.


*** This bug has been marked as a duplicate of 75801 ***

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 78251

app-text/tetex: one more vulnerability in xpdf

Last modified: 2007-01-06 16:52:02 0000