News

=========================================================== Ubuntu Security Notice USN-410-2 January 25, 2007 tetex-bin vulnerability CVE-2007-0104 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: tetex-bin 2.0.2-30ubuntu3.6 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-410-1 fixed vulnerabilities in the poppler PDF loader library. This update provides the corresponding updates for a copy of this code in tetex-bin in Ubuntu 5.10. Versions of tetex-bin after Ubuntu 5.10 use poppler directly and do not need a separate update. Original advisory details: The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafted PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library.