This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Security advisory: xpdf (CVE-2005-3624/25/26/27)
- From: "Yaakov S (Cygwin Ports)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps at cygwin dot com
- Date: Mon, 30 Jan 2006 21:04:05 -0600
- Subject: Security advisory: xpdf (CVE-2005-3624/25/26/27)
Xpdf is vulnerable to integer overflows that may be exploited to execute
arbitrary code.
Solution: apply this patch to xpdf-3.01:
http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/app-text/xpdf/files/xpdf-3.01-sec-rollup.patch
More information:
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
Yaakov