Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-announce

From: Thierry Carrez <koon@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] UPDATE: [ GLSA 200410-20 ] Xpdf, CUPS: Multiple integer overflows
Date: Sat, 06 Nov 2004 13:29:08
Message-Id: 418CD14A.3090405@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200410-20:02
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: Xpdf, CUPS: Multiple integer overflows
9 Date: October 21, 2004
10 Updated: November 06, 2004
11 Bugs: #69662
12 ID: 200410-20:02
13
14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16 Update
17 ======
18
19 The original fix introduced new vulnerabilities on 64-bit platforms.
20 New fixed packages are available. Updated sections follow.
21
22 Affected packages
23 =================
24
25 -------------------------------------------------------------------
26 Package / Vulnerable / Unaffected
27 -------------------------------------------------------------------
28 1 app-text/xpdf <= 3.00-r4 >= 3.00-r5
29 2 net-print/cups <= 1.1.20-r4 >= 1.1.20-r5
30 -------------------------------------------------------------------
31 2 affected packages on all of their supported architectures.
32 -------------------------------------------------------------------
33
34 Resolution
35 ==========
36
37 All Xpdf users should upgrade to the latest version:
38
39 # emerge --sync
40 # emerge --ask --oneshot --verbose ">=app-text/xpdf-3.00-r5"
41
42 All CUPS users should also upgrade to the latest version:
43
44 # emerge --sync
45 # emerge --ask --oneshot --verbose ">=net-print/cups-1.1.20-r5"
46
47 Availability
48 ============
49
50 This GLSA and any updates to it are available for viewing at
51 the Gentoo Security Website:
52
53 http://security.gentoo.org/glsa/glsa-200410-20.xml
54
55 Concerns?
56 =========
57
58 Security is a primary focus of Gentoo Linux and ensuring the
59 confidentiality and security of our users machines is of utmost
60 importance to us. Any security concerns should be addressed to
61 security@g.o or alternatively, you may file a bug at
62 http://bugs.gentoo.org.
63
64 License
65 =======
66
67 Copyright 2004 Gentoo Foundation, Inc; referenced text
68 belongs to its owner(s).
69
70 The contents of this document are licensed under the
71 Creative Commons - Attribution / Share Alike license.
72
73 http://creativecommons.org/licenses/by-sa/1.0

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups