From owner-freebsd-ports@FreeBSD.ORG Tue Nov 16 19:19:00 2004 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C9D2C16A4CE; Tue, 16 Nov 2004 19:19:00 +0000 (GMT) Received: from daemon.li (daemon.li [213.203.244.86]) by mx1.FreeBSD.org (Postfix) with ESMTP id 36F4C43D58; Tue, 16 Nov 2004 19:19:00 +0000 (GMT) (envelope-from josef@daemon.li) Received: from localhost (localhost [127.0.0.1]) (uid 1000) by daemon.li with local; Tue, 16 Nov 2004 19:18:59 +0000 Date: Tue, 16 Nov 2004 19:18:59 +0000 From: Josef El-Rayes To: Michael Nottebrock , freebsd-ports@freebsd.org, Jonathan Weiss , security@freebsd.org Message-ID: <20041116191859.GB29946@daemon.li> Mail-Followup-To: Michael Nottebrock , freebsd-ports@freebsd.org, Jonathan Weiss , security@freebsd.org References: <200411161512.38168.michaelnottebrock@gmx.net> <20041116190015.GA29946@daemon.li> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=_daemon.li-30148-1100632739-0001-2" Content-Disposition: inline In-Reply-To: <20041116190015.GA29946@daemon.li> User-Agent: Mutt/1.3.28i Subject: Re: Problem with cups/xpdf X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Nov 2004 19:19:00 -0000 This is a MIME-formatted message. If you see this text it means that your E-mail software does not support MIME-formatted messages. --=_daemon.li-30148-1100632739-0001-2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Josef El-Rayes : > Michael Nottebrock : > > > I am trying to upgrade my cups-port with an up-to-date ports-tree. It= fails > > > because of the xpdf-vulnurability. But my xpdf-port is the most recen= t one > > > and I think that the vulnurability was handelt in this version (if I = can > > > believ the cvs-comment). > > > > > > =3D=3D=3D> cups-base-1.1.22.0 has known vulnerabilities: > > > >> xpdf -- integer overflow vulnerabilities. > > > > > > Reference: > > > > >d .html> > >=20 > > The vuxml entry is wrong, vid ad2f3337-26bf-11d9-9289-000c41e2cdad has= =20 > > 0 but needs 1.1.21. > >=20 >=20 > Yes, you are absolutely right, I will correct the wrong range(s). >=20 Okay I was a bit too fast, where did you find that the cups people fixed this issue in their new release? -josef --=20 Josef El-Rayes (__) Email: josef@daemon.li \\\'',)=20 Web: http://daemon.li/ \/ \ ^ FreeBSD Security Team .\._/_) --=_daemon.li-30148-1100632739-0001-2 Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iQEVAwUBQZpSolnFItmnnbU8AQI+8wf/TYqEgRj5E2k/BPJz70Jru9kT2dFcfNhh GDG0co3H2wwHXCR0R9KG2ydmalC5bPL3NPtWCMxMKXw0hG+3EXoddoPJyArmDZlC uJjn2MVj2pEHB4ITvw3J2lavyxtC9AD08eIuEQ9L0t86gMqFdW6uNeBvSiUUYxeE /d/zAICqc7412EyiTEx3NmeA2VbTXQzKmdh34FeUclgLBZYQF1fYp2aymH49o9uQ JUtCf/875TdYO68+/5102VdaKwb/csM9x/U7q00q92rldm9/rLBE45u/6sqmp5sZ CxHyEhm9sTE39IcnsL7cIRtjsXOyFDQOn2Fm4aIl2ZsuaUYyrb1zvw== =AXVf -----END PGP SIGNATURE----- --=_daemon.li-30148-1100632739-0001-2--