[poppler] Fwd: Re: CVE-2012-2142 xpdf, poppler: Insufficient sanitization of escape sequences in the error messages
Albert Astals Cid
aacid at kde.org
Sun Dec 9 11:22:17 PST 2012
El Diumenge, 9 de desembre de 2012, a les 02:22:22, William Bader va escriure:
> > Not the only patch that makes sense to us that is the upstream.patch one.>
> > Would you agree with that one?
> I guess so,
> but I wonder why the f17 patch is so different from the upstream
> patch. Maybe RH has a different maintainer for each version of Fedora and
> RHEL, and the ones working on upstream are better and realized that they
> can catch everything at a high level in poppler/Error.cc.
Maybe, no clue.
More information about the poppler