Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 198409 - app-office/{koffice,kword}, kde-base/{kdegraphics,kpdf} Multiple XPDF issues (CVE-2007-{4352,5392,5393})
Summary: app-office/{koffice,kword}, kde-base/{kdegraphics,kpdf} Multiple XPDF issues ...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal
Assignee: Gentoo Security
URL: http://www.kde.org/info/security/advi...
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks: 196735
  Show dependency tree
 
Reported: 2007-11-07 23:50 UTC by Robert Buchholz (RETIRED)
Modified: 2020-04-03 22:49 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2007-11-07 23:50:50 UTC
Multiple issues in XPDF, which our four KDE packages bundle.
See bug 196735 for details.

KDE, please advise. Any word from upstream?
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-11-09 10:37:55 UTC
The patches are linked from the KDE advisory in $URL.
Comment 2 Wulf Krueger (RETIRED) gentoo-dev 2007-11-11 19:11:07 UTC
This is fixed in the following packages that require no further work:

kde-base/kpdf-3.5.8-r1
kde-base/kdegraphics-3.5.8-r1

These four packages are fixed, too, but need to be stabilised:

kde-base/kpdf-3.5.7-r3
kde-base/kdegraphics-3.5.7-r3
app-office/kword-1.6.3-r2 
app-office/koffice-1.6.3-r2
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2007-11-11 20:01:48 UTC
Arches, please test and mark stable kde-base/kpdf-3.5.7-r2:
Target keywords : "alpha amd64 ia64 ppc ppc64 sparc x86"

kde-base/kdegraphics-3.5.7-r3:
Target keywords : "alpha amd64 hppa ia64 mips ppc ppc64 sparc x86"

app-office/kword-1.6.3-r2:
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"

app-office/koffice-1.6.3-r2:
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Comment 4 Wulf Krueger (RETIRED) gentoo-dev 2007-11-11 21:47:13 UTC
It's kde-base/kpdf-3.5.7-r3, *not* -r2. :-)

Marked all four stable on amd64.
Comment 5 Christian Faulhammer (RETIRED) gentoo-dev 2007-11-12 14:08:16 UTC
(In reply to comment #3)
> Arches, please test and mark stable kde-base/kpdf-3.5.7-r2:
> app-office/kword-1.6.3-r2:
> Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"

 Done on x86, rest for someone else.
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2007-11-12 19:25:18 UTC
Stable for HPPA.
Comment 7 Markus Rothe (RETIRED) gentoo-dev 2007-11-12 19:33:17 UTC
ppc64 stable
Comment 8 Dawid Węgliński (RETIRED) gentoo-dev 2007-11-13 16:49:19 UTC
koffice done on x86
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2007-11-13 17:35:00 UTC
alpha/ia64/sparc stable
Comment 10 Markus Meier gentoo-dev 2007-11-13 23:46:13 UTC
kdegraphics stable on x86, we are out.
Comment 11 Tobias Scherbaum (RETIRED) gentoo-dev 2007-11-18 08:59:18 UTC
ppc stable
Comment 12 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-11-18 21:01:05 UTC
GLSA 200711-22
Comment 13 Peter Volkov (RETIRED) gentoo-dev 2008-03-06 09:47:24 UTC
Does not affect current (2008.0) release. Removing release.