xpdf -- buffer overflows

2006-01-09T00:00:00
ID DSA-931
Type debian
Reporter Debian
Modified 2006-01-09T00:00:00

Description

"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, that can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

For the old stable distribution (woody) these problems have been fixed in version 1.00-3.8.

For the stable distribution (sarge) these problems have been fixed in version 3.00-13.4.

For the unstable distribution (sid) these problems have been fixed in version 3.01-4.

We recommend that you upgrade your xpdf package.