http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c20 Petr Gajdos <pgajdos@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |krahmer@novell.com, | |sbrabec@novell.com --- Comment #20 from Petr Gajdos <pgajdos@novell.com> 2010-01-19 17:49:56 UTC --- (In reply to comment #9)
my question anyways. Since upstream doesn't use the safeint patch how does their fix look like?
The problem is, that our security team wanted better fix than upstream have :-). That is why the xpdf-safe-int.patch has arisen, why is so huge and why I was convinced from the beginning this patch is not upstreamable. I suggest read bug 502974 for more informations. I have talked with sbrabec and he suggested to (carefully) consider version update for poppler, if there is no ABI change and addresses said security problem sufficiently. Alternatively (for older distributions for example), original small patch from upstream -- bug 502061, comment 2 could be backported. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.