Problem with cups/xpdf
michaelnottebrock at gmx.net
Wed Nov 17 08:28:42 PST 2004
On Tuesday, 16. November 2004 20:18, Josef El-Rayes wrote:
> Josef El-Rayes <josef at freebsd.org>:
> > Michael Nottebrock <michaelnottebrock at gmx.net>:
> > > > I am trying to upgrade my cups-port with an up-to-date ports-tree. It
> > > > fails because of the xpdf-vulnurability. But my xpdf-port is the most
> > > > recent one and I think that the vulnurability was handelt in this
> > > > version (if I can believ the cvs-comment).
> > > >
> > > > ===> cups-base-22.214.171.124 has known vulnerabilities:
> > > > >> xpdf -- integer overflow vulnerabilities.
> > > >
> > > > Reference:
> > > > <http://www.FreeBSD.org/ports/portaudit/ad2f3337-26bf-11d9-9289-000c4
> > > >1e2cda d .html>
> > >
> > > The vuxml entry is wrong, vid ad2f3337-26bf-11d9-9289-000c41e2cdad has
> > > <range><ge>0</ge></range> but needs <range><lt>1.1.21</lt></range>.
> > Yes, you are absolutely right, I will correct the wrong range(s).
> Okay I was a bit too fast, where did you find that the cups people fixed
> this issue in their new release?
Changes in CUPS v1.1.22rc2:
The pdftops filter didn't check the range of all integer attributes (STR #972)
... typo of mine there, it needs to be <lt>1.1.22</lt>
,_, | Michael Nottebrock | lofi at freebsd.org
(/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org
\u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20041117/03a15021/attachment.bin
More information about the freebsd-ports