PDF splash handling heap overflow Dirk Mueller told vendor-sec about a buffer overflow issue in the xpdf codebase when handling splash images.
Printing/Gnome please provide updated ebuild.
Further details here: https://bugzilla.novell.com/show_bug.cgi?id=141242
*** Bug 120451 has been marked as a duplicate of this bug. ***
latest kpdf-3.5.1 uses poppler now thanks to flameeyes the bug was fixed in poppler-0.5.0-r3 and gpdf users should upgrade to evince whihc uses kpdf ;) For xpdf I think we should patch it to use poppler, because no one of printing cares about it.
gpdf seems to have beeen fixed independantly. poppler has been fixed for this bug. xpdf has been fixed for this bug. app-text/poppler-0.5.0-r4 and app-text/xpdf-3.01-r7 need to go stable for this bug.
Gpdf is not fixed. Handling it on bug #120985 to start stable marking here. Arches please test and mark stable.
Stable on hppa. There's a depends problem with ~s390 while commiting xpdf.
Sorry, correct gpdf bug #121511
Please also mark poppler-bindings-0.5.0 stable, both poppler and poppler-bindings should have the same stable-version. List of what needs to go stable: app-text/poppler-0.5.0-r4 app-text/poppler-bindings-0.5.0 app-text/xpdf-3.01-r7
Packages in comment #9 stable on SPARC.
all three stable on amd64
alpha stable
ppc stable
stable on ppc64
x86 done
(In reply to comment #9) > Please also mark poppler-bindings-0.5.0 stable, both poppler and > poppler-bindings should have the same stable-version. > List of what needs to go stable: > > app-text/poppler-0.5.0-r4 > app-text/poppler-bindings-0.5.0 > app-text/xpdf-3.01-r7 Readding hppa. :-\
Stabalized also poppler-bindings. Because of hppa was not readded by bug-change so there is this delay.
GLSA 200602-04
