[16767] in bugtraq
Re: [SECURITY] New version of xpdf released
daemon@ATHENA.MIT.EDU (Robert Bihlmeyer)
Thu Sep 14 13:00:45 2000
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="----------=_968935950-1579-3";
micalg="pgp-sha1"; protocol="application/pgp-signature"
Message-Id: <87g0n3gmqc.fsf@hoss.orcus.priv.at>
Date: Thu, 14 Sep 2000 14:51:55 +0200
Reply-To: Robert Bihlmeyer <robbe@ORCUS.PRIV.AT>
From: Robert Bihlmeyer <robbe@ORCUS.PRIV.AT>
X-To: Christian <christian@dijkstra.murdoch.edu.au>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Christian's message of "Tue, 12 Sep 2000 14:40:51 +0800"
This is a multi-part message in MIME format.
It has been signed conforming to RFC2015.
You'll need PGP or GPG to check the signature.
------------=_968935950-1579-3
Content-Type: text/plain; charset=us-ascii
Christian <christian@dijkstra.murdoch.edu.au> writes:
> Will an update be released for xpdf-i (supports decryption and therefore
> in the non-US tree) or is this not vulnerable?
xpdf-i < 0.90-7 is vulnerable, too.
<URL:http://non-us.debian.org/dists/proposed-updates/> (or use your
nearest non-US mirror) will contain the fixed version.
Unfortunately security.debian.org has no non-US section (although it
is actually the same host ...).
--
Robbe
------------=_968935950-1579-3
Content-Type: application/pgp-signature; name="signature.ng"
Content-Disposition: inline; filename="signature.ng"
Content-Transfer-Encoding: base64
LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcg
djEuMC4yIChHTlUvTGludXgpCkNvbW1lbnQ6IEZvciBpbmZvIHNlZSBodHRw
Oi8vd3d3LmdudXBnLm9yZwoKaUQ4REJRRTV3TW9PMzNLY3V1WllQdnNSQWox
eEFLREZCWE4rOTdKTXB5dFlOS20zM3YybEZBQ3lIQUNmWkh0TgprZy9LQkw2
bnBCYTlCVU5CMmtMS2hUcz0KPWdhTUcKLS0tLS1FTkQgUEdQIFNJR05BVFVS
RS0tLS0tCg==
------------=_968935950-1579-3--
