*** This bug has been split off bug 145049 ***
------- Original comment by Josh Bressers (Security Response Team) on 2005.01.13
iDEFENSE has reported a stack based buffer overflow in xpdf.
The patch is here:
The iDEFENSE advisory is attachment 109745 [details]
We're going to need new packages rolled for RHSA-2005:026 to include this issue.
The patch URL does not yet work. We don't have a patch from upstream yet. I'll
update the bugs as soon as I know.
Now public, see URL for patch, removing embargo
Mark, I have applied my own patch that also fixes the issue. Please let me know
if you're not happy with it.
Created attachment 109963 [details]
The patch applied to resolve CAN-2005-0064
Packages are now added to the erratum.
downgrading to moderate severity according to
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.