Branches for Feisty

Author: Martin Pitt
Revision Date: 2006-12-19 15:53:26 UTC

* Merge to Debian unstable. Remaining Ubuntu changes:
  - debian/patches/patch-poppler: Ported to poppler 0.5.1 API.
  - debian/patches/patch-dvipdfm-timezones: Fix dvipdfm crash in certain
    time zones.

Author: Jamie Strandboge
Revision Date: 2007-12-04 10:53:07 UTC

* SECURITY UPDATE: improper bounds on static buffer results in stack-based
  buffer overflow
* debian/patches/SECURITY_CVE-2007-5935.patch: make sure tmpbuf is allocated
  enough memory in texk/dvipsk/hps.c
* SECURITY UPDATE: temporary file race condition in dviljk due to use of
  tmpnam()
* SECURITY UPDATE: various buffer overflows in dviljk due to not checking
  memory boundaries
* debian/patches/SECURITY_CVE-2007-5936+5937.patch: use mkdtemp() if
  available in dvi2xx.c. Replace calls to strcpy() and do proper bounds
  checking in dvi2xx.*.
* Modify Maintainer value to match the DebianMaintainerField
  specification.
* debian/control: Build-Depends on libcairo2-dev
* References
  CVE-2007-5935
  CVE-2007-5936
  CVE-2007-5937

Author: Jamie Strandboge
Revision Date: 2007-12-04 10:53:07 UTC

* SECURITY UPDATE: improper bounds on static buffer results in stack-based
  buffer overflow
* debian/patches/SECURITY_CVE-2007-5935.patch: make sure tmpbuf is allocated
  enough memory in texk/dvipsk/hps.c
* SECURITY UPDATE: temporary file race condition in dviljk due to use of
  tmpnam()
* SECURITY UPDATE: various buffer overflows in dviljk due to not checking
  memory boundaries
* debian/patches/SECURITY_CVE-2007-5936+5937.patch: use mkdtemp() if
  available in dvi2xx.c. Replace calls to strcpy() and do proper bounds
  checking in dvi2xx.*.
* Modify Maintainer value to match the DebianMaintainerField
  specification.
* debian/control: Build-Depends on libcairo2-dev
* References
  CVE-2007-5935
  CVE-2007-5936
  CVE-2007-5937