Date: Tue, 16 Nov 2004 15:12:37 +0100 From: Michael Nottebrock <michaelnottebrock@gmx.net> To: freebsd-ports@freebsd.org Cc: security@freebsd.org Subject: Re: Problem with cups/xpdf Message-ID: <200411161512.38168.michaelnottebrock@gmx.net> In-Reply-To: <BDBFC2F5.1063A%tomonage2@gmx.de> References: <BDBFC2F5.1063A%tomonage2@gmx.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart3756929.Z1OLWJoSlo Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday, 16. November 2004 14:45, Jonathan Weiss wrote: > Cheers, > > > > I am trying to upgrade my cups-port with an up-to-date ports-tree. It fai= ls > because of the xpdf-vulnurability. But my xpdf-port is the most recent one > and I think that the vulnurability was handelt in this version (if I can > believ the cvs-comment). > > =3D=3D=3D> cups-base-1.1.22.0 has known vulnerabilities: > >> xpdf -- integer overflow vulnerabilities. > > Reference: > <http://www.FreeBSD.org/ports/portaudit/ad2f3337-26bf-11d9-9289-000c41e2c= da >d .html> The vuxml entry is wrong, vid ad2f3337-26bf-11d9-9289-000c41e2cdad has=20 <range><ge>0</ge></range> but needs <range><lt>1.1.21</lt></range>. Security Team cc'd. =2D-=20 ,_, | Michael Nottebrock | lofi@freebsd.org (/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org \u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org --nextPart3756929.Z1OLWJoSlo Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBmgrWXhc68WspdLARAmtqAKCaz+a/4hlXqgixpcjbyP+G6R9JUgCgmR4r BN0borqpOjhTyKr1NLnLgMM= =DZXJ -----END PGP SIGNATURE----- --nextPart3756929.Z1OLWJoSlo--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200411161512.38168.michaelnottebrock>