SuSE researchers discovered heap overflow errors in xpdf, the Portable
Document Format (PDF) suite, that can allow attackers to cause a
denial of service by crashing the application or possibly execute
arbitrary code.
The old stable distribution (woody) is not affected.
For the stable distribution (sarge) these problems have been fixed in
version 3.00-13.5.
For the unstable distribution (sid) these problems have been fixed in
version 3.01-6.
We recommend that you upgrade your xpdf packages.