Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 121511

Summary: app-text/gpdf second Xpdf round this year aka splash handling heap overflow (CVE-2006-0301)
Product: Gentoo Security Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: gnome, wolf31o2
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
Whiteboard: B2 [glsa] jaervosz
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-02-04 00:47:45 UTC
See bug #120985 for details.
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-02-04 00:49:00 UTC
Gnome please provide an updated ebuild.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2006-02-12 10:46:21 UTC
Gnome team: please bump gpdf
Comment 3 Daniel Gryniewicz (RETIRED) gentoo-dev 2006-02-12 11:51:26 UTC
Okay, 2.10.0-r4 has the patch, although I was unable to reproduce the crash even without it.
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2006-02-13 10:38:22 UTC
Arches please test and mark 2.10.0-r4 stable
Comment 5 Mark Loeser (RETIRED) gentoo-dev 2006-02-13 16:59:16 UTC
x86 done
Comment 6 Gustavo Zacarias (RETIRED) gentoo-dev 2006-02-14 07:32:58 UTC
sparc stable.
Comment 7 Markus Rothe (RETIRED) gentoo-dev 2006-02-15 00:25:03 UTC
stable on ppc64
Comment 8 Jose Luis Rivero (yoswink) (RETIRED) gentoo-dev 2006-02-15 05:00:58 UTC
alpha stable
Comment 9 Tobias Scherbaum (RETIRED) gentoo-dev 2006-02-15 10:59:13 UTC
ppc stable
Comment 10 René Nussbaumer (RETIRED) gentoo-dev 2006-02-15 13:44:57 UTC
Forgot to remove hppa from CC. Done that now.
Comment 11 Daniel Gryniewicz (RETIRED) gentoo-dev 2006-02-16 18:38:25 UTC
amd64 done.
Comment 12 Thierry Carrez (RETIRED) gentoo-dev 2006-02-21 09:46:34 UTC
GLSA 200602-12
mips and ia64 should mark stable to benefit from GLsA