This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Security advisory: xpdf (CAN-2005-3193)
- From: "Yaakov S (Cygwin Ports)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps at cygwin dot com
- Date: Wed, 07 Dec 2005 19:23:42 -0600
- Subject: Security advisory: xpdf (CAN-2005-3193)
Dr. Volker Zell,
Recent versions of xpdf suffer from several buffer overflow
vulnerabilities (more information at the URLs below).
Solution: upgrade to 3.01 and apply the upstream 3.01pl1 patch, both
available from the xpdf download site.
http://bugs.gentoo.org/show_bug.cgi?id=114428
http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
Yaakov