'www/areas/koffice'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    www/areas/koffice
From:       Nicolas Goutte <nicolasg () snafu ! de>
Date:       2004-10-30 17:21:56
Message-ID: 20041030172156.6488716BC0 () office ! kde ! org
[Download RAW message or body]

CVS commit by goutte: 

xpdf integer overflow, take 2


  M +13 -0     news.rdf   1.30
  M +15 -1     developer/news.rdf   1.62


--- www/areas/koffice/news.rdf  #1.29:1.30
@@ -11,4 +11,17 @@
 
 <item>
+<title>SECURITY update: xpdf integer overflow in KOffice 1.3.x</title>
+<date>30th October, 2004</date>
+<fullstory>
+<b>SECURITY update:</b>
+In KOffice 1.3.x, the PDF import filter is vulnerable to integer overflows.
+Unfortunately, the first patch (which is included in KOffice 1.3.4)
+was not strong enough against compiler optimizations.<br />
+<a href="http://kde.org/areas/koffice/releases">Please see in the corresponding
+release notes to see how to apply the new source patch</a>
+</fullstory>
+</item>
+
+<item>
 <title>KOffice 1.3.4 released</title>
 <date>26th October, 2004</date>

--- www/areas/koffice/developer/news.rdf  #1.61:1.62
@@ -10,5 +10,5 @@
 
     <!-- Do not forget to change this date when doing any change in this file! -->
-    <lastBuildDate>Tue, 26 Oct 2004 17:17 UT</lastBuildDate>
+    <lastBuildDate>Sat, 30 Oct 2004 17:17 UT</lastBuildDate>
 
     <docs>http://blogs.law.harvard.edu/tech/rss</docs>
@@ -16,4 +16,18 @@
 
 <item>
+<title>SECURITY update: xpdf integer overflow in KOffice 1.3.x</title>
+<pubDate>Sat, 30 Oct 2004 17:17 UT</pubDate>
+<description>
+&lt;b&gt;SECURITY update:&lt;/b&gt;
+In KOffice 1.3.x, the PDF import filter was vulnerable to integer overflows.
+Unfortunately, the first patch (which is included in KOffice 1.3.4)
+was not strong enough against compiler optimizations.&lt;br /&gt;
+&lt;a href="http://kde.org/areas/koffice/releases"&gt;Please see in the
+corresponding release notes to see how to apply the new source patch&lt;/a&gt;
+</description>
+<source url="http://www.koffice.org/news.rdf">KOffice News</source>
+</item>
+
+<item>
 <title>KOffice 1.3.4 released</title>
 <pubDate>Tue, 26 Oct 2004 17:17 UT</pubDate>


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic