It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. pdfkit.framework includes a copy of the xpdf code and required an update as well. For the oldstable distribution (sarge) this problem has been fixed in version 0.8-2sarge4. The package from the stable distribution (etch) links dynamically against libpoppler and doesn't require a separate update. The package from the unstable distribution (sid) links dynamically against libpoppler and doesn't require a separate update. We recommend that you upgrade your pdfkit.framework packages.
It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened.
pdfkit.framework includes a copy of the xpdf code and required an update as well.
For the oldstable distribution (sarge) this problem has been fixed in version 0.8-2sarge4.
The package from the stable distribution (etch) links dynamically against libpoppler and doesn't require a separate update.
The package from the unstable distribution (sid) links dynamically against libpoppler and doesn't require a separate update.
We recommend that you upgrade your pdfkit.framework packages.
MD5 checksums of the listed files are available in the original advisory.