Branches for Karmic

Author: Brian Thomason
Revision Date: 2011-01-10 15:32:39 UTC

* SECURITY UPDATE: Gfx::getPos function allows context-dependent attackers to
  cause a denial of service (crash) via unknown vectors that trigger an
  uninitialized pointer dereference.
  - cve-2010-3702.dpatch: Patch provided by Debian (courtesy of Michael Gilbert)
  - CVE-2010-3702
  - LP: #701220
* SECURITY UPDATE: FoFiType1::parse function allows context-dependent
  attackers to cause a denial of service (crash) and possibly execute
  arbitrary code via a PDF file with a crafted Type1 font that contains a
  negative array index, which bypasses input validation and which triggers
  memory corruption.
  - cve-2010-3704.dpatch: Patch provided by Debian (courtesy of Michael Gilbert)
  - CVE-2010-3704

Author: Brian Thomason
Revision Date: 2011-01-10 15:32:39 UTC

* SECURITY UPDATE: Gfx::getPos function allows context-dependent attackers to
  cause a denial of service (crash) via unknown vectors that trigger an
  uninitialized pointer dereference.
  - cve-2010-3702.dpatch: Patch provided by Debian (courtesy of Michael Gilbert)
  - CVE-2010-3702
  - LP: #701220
* SECURITY UPDATE: FoFiType1::parse function allows context-dependent
  attackers to cause a denial of service (crash) and possibly execute
  arbitrary code via a PDF file with a crafted Type1 font that contains a
  negative array index, which bypasses input validation and which triggers
  memory corruption.
  - cve-2010-3704.dpatch: Patch provided by Debian (courtesy of Michael Gilbert)
  - CVE-2010-3704

Author: Till Kamppeter
Revision Date: 2009-01-02 18:12:55 UTC

debian/patches/do-not-make-ps-arrays-bigger-than-64k-from-big-images-in-patterns.dpatch:
pdftops produced wrong PostScript when a large image is in a pattern in
the input file (LP: #311982, Upstream bugs #18908 and #19368).