Ubuntu Security Notice USN-410-2 January 25, 2007==========20================================================= tetex-bin vulnerability CVE-2007-0104 ========================================================== A security issue affects the following Ubuntu releases:
Ubuntu 5.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 5.10: tetex-bin 2.0.2-30ubuntu3.6
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
USN-410-1 fixed vulnerabilities in the poppler PDF loader library. This update provides the corresponding updates for a copy of this code in tetex-bin in Ubuntu 5.10. Versions of tetex-bin after Ubuntu 5.10 use poppler directly and do not need a separate update.
Original advisory details:
The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafter PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library.