[poppler] Fwd: Re: CVE-2012-2142 xpdf, poppler: Insufficient sanitization of escape sequences in the error messages

Albert Astals Cid aacid at kde.org
Sun Dec 9 11:22:17 PST 2012

El Diumenge, 9 de desembre de 2012, a les 02:22:22, William Bader va escriure:
> > Not the only patch that makes sense to us that is the upstream.patch one.>
> > Would you agree with that one?
> I guess so, 


> but I wonder why the f17 patch is so different from the upstream
> patch.  Maybe RH has a different maintainer for each version of Fedora and
> RHEL, and the ones working on upstream are better and realized that they
> can catch everything at a high level in poppler/Error.cc.

Maybe, no clue.


> William

More information about the poppler mailing list