The original update provided in DSA 1214-1 was insufficient; this update corrects this. For reference please find the original advisory text below: Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X, performs insufficient boundary checks in the Postscript parsing code, which allows the execution of arbitrary code through a buffer overflow. For the stable distribution (sarge) this problem has been fixed in version 3.6.1-10sarge2. For the upcoming stable distribution (etch) this problem has been fixed in version 3.6.2-2. For the unstable distribution (sid) this problem has been fixed in version 3.6.2-2. We recommend that you upgrade your gv package.
The original update provided in DSA 1214-1 was insufficient; this update corrects this. For reference please find the original advisory text below:
Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X, performs insufficient boundary checks in the Postscript parsing code, which allows the execution of arbitrary code through a buffer overflow.
For the stable distribution (sarge) this problem has been fixed in version 3.6.1-10sarge2.
For the upcoming stable distribution (etch) this problem has been fixed in version 3.6.2-2.
For the unstable distribution (sid) this problem has been fixed in version 3.6.2-2.
We recommend that you upgrade your gv package.
MD5 checksums of the listed files are available in the original advisory.
MD5 checksums of the listed files are available in the revised advisory.