*** This bug has been split off bug 145049 *** ------- Original comment by Josh Bressers (Security Response Team) on 2005.01.13 17:30 ------- iDEFENSE has reported a stack based buffer overflow in xpdf. The patch is here: ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch The iDEFENSE advisory is attachment 109745 [details]
The patch URL does not yet work. We don't have a patch from upstream yet. I'll update the bugs as soon as I know.
Now public, see URL for patch, removing embargo
it's now fixed in xpdf-3.00-11.3
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-034.html