Hello usata & matsuu, I know you are busy with our security bug 75801, but now there is one more xpdf vulnerability to patch. This is still confidential, so you just can't commit it to portage, but please improve on the ebuilds posted on bug 75801 and attach them here. We'll call for arch testing and try to be ready for disclosure date, on Jan 18. Maybe it's just better to attach a portage-overlay-tarball with all the files and ebuilds necessary to test.
Created attachment 48671 [details, diff] CAN-2005-0064.patch Patch on xpdf by RedHat.
Better wait for the upstream official patch...
Created attachment 48841 [details] tetex-portage-overlay.tar.bz2
Matsuu: I am sorry, it was discovered that the CAN-2005-0064.patch is not sufficient, and we should apply the official xpdf upstream patch. I regrouped all tetex security issue in bug 75801 now that they are all public. *** This bug has been marked as a duplicate of 75801 ***