[Pkg-cups-devel] Bug#355122: missing hunk in latest security patch?
Hilmar Preusse
hille42 at web.de
Fri Mar 3 13:52:40 UTC 2006
Package: cupsys
Version: 1.1.14-5woody14
Severity: important
Tags: woody security
Hi,
This is a spin off from #346086. The bug is fixed in teTeX
2.0.2-30sarge4. Further the bug is fixed in the woody version except
the last hunk, which seems to be missing.
I've asked the submitter if one really needs that hunk and got the
answer that the missing hunk could make xpdf hang. He further said:
"This is precisely the fix that is required to avoid endless loops
with prematurely ending PDF files (CVE-2005-3625). So it is not
exploitable to execute any code or something, but it's still a nasty
DoS, particularly in Cups."
Please check if one really needs it in the xpdf version of woody
(1.0) and if yes apply it.
For further informations please refer to the bug quoted above.
Regards,
Hilmar
--
sigmentation fault
More information about the Pkg-cups-devel
mailing list