*** This bug has been split off bug 145049 *** ------- Original comment by Josh Bressers (Security Response Team) on 2005.01.13 17:30 ------- iDEFENSE has reported a stack based buffer overflow in xpdf. The patch is here: ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch The iDEFENSE advisory is attachment 109745 [details] This issue should also affect FC2
The patch URL does not yet work. We don't have a patch from upstream yet. I'll update the bugs as soon as I know.
Lifting embargo.
it's now fixed in xpdf-3.00-3.7.
CAN-2005-0064 Affects: FC2 [#145050:MODIFIED] -> 2005-051 20050120 CAN-2005-0064 Affects: FC3 [#145050:MODIFIED] -> 2005-052 20050120