gpdf includes xpdf code and therefore might be vulnerable to CAN-2004-1125.
Please see bug 75191 for the patch.
gpdf includes xpdf 3.00 with the vulnerable code
gnome herd, pls provide an updated ebuild with the patches from bug 75191
Added gpdf-2.8.1-r1 to the tree with gpdf-xpdf-CAN-2004-1125.patch. Thanks for the heads up.
security, this seems ready for a GLSA, since maintainer has kept keywords
Maybe we can combine this with the other xpdf related bugs?
not all archs are stable yet, cc'ing them.
Disclaimer: careful with moving over stable keywords, it wouldn't be the first time it broke (recent example = php).
Ok, sparc stable.
Back to [stable] status : not ready yet, still missing a necessary keyword (alpha).
Stable on alpha.
Stable on hppa.
ia64, mips : please mark gpdf stable to benefit from GLSA
Stable on mips.
btw, this was http://bugzilla.gnome.org/show_bug.cgi?id=162084
a fixed gpdf 2.8.2 is supposed to follow today