Seems like evince is affected by GLSA 200611-20. Any other packages bundling gv?
confirmed that it is possible to overwrite the EIP. I'll attach a patch that fixed the problem for me. somebody should doubletest, just to make sure that i didnt mess up.there is another app called "ggv" that might bundle gv code, but not checked yet.
Created attachment 102972 [details, diff] Proposed patch, based on the gv patch. for version 0.6.1
upstream patch: http://cvs.gnome.org/viewcvs/evince/ps/ps.c?r1=1.6&r2=1.6.6.1&makepatch=1&diff_format=h
Gnome please advise.
Okay, I've added 0.6.1-rc3 to the tree with this fix. Arches: Literally the only change was to the postscript backend. You should only need to test .ps files.
Thx Daniel. Arches please test and mark stable. Target keywords are: evince-0.6.1-r3.ebuild:KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86"
x86 stable
sparc stable.
Stable for HPPA.
alpha/amd64/ia64 done
ppc stable
ppc64 stable
GLSA 200704-06, thanks to everybody