xpdf - multiple vulnerabilities

Several vulnerabilities have been identified in xpdf, a suite of tools
for viewing and converting Portable Document Format (PDF) files.

The Common Vulnerabilities and Exposures project identifies the
following problems:

• CVE-2009-0146
  Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
  earlier, CUPS 1.3.9 and earlier, and other products allow remote
  attackers to cause a denial of service (crash) via a crafted PDF file,
  related to (1) JBIG2SymbolDict::setBitmap and (2)
  JBIG2Stream::readSymbolDictSeg.
• CVE-2009-0147
  Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
  earlier, CUPS 1.3.9 and earlier, and other products allow remote
  attackers to cause a denial of service (crash) via a crafted PDF file,
  related to (1) JBIG2Stream::readSymbolDictSeg, (2)
  JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
• CVE-2009-0165
  Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as
  used in Poppler and other products, when running on Mac OS X, has
  unspecified impact, related to “g*allocn.”
• CVE-2009-0166
  The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
  earlier, and other products allows remote attackers to cause a denial
  of service (crash) via a crafted PDF file that triggers a free of
  uninitialized memory.
• CVE-2009-0799
  The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
  Poppler before 0.10.6, and other products allows remote attackers to
  cause a denial of service (crash) via a crafted PDF file that triggers
  an out-of-bounds read.
• CVE-2009-0800
  Multiple “input validation flaws” in the JBIG2 decoder in Xpdf 3.02pl2
  and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other
  products allow remote attackers to execute arbitrary code via a crafted
  PDF file.
• CVE-2009-1179
  Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS
  1.3.9 and earlier, Poppler before 0.10.6, and other products allows
  remote attackers to execute arbitrary code via a crafted PDF file.
• CVE-2009-1180
  The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
  Poppler before 0.10.6, and other products allows remote attackers to
  execute arbitrary code via a crafted PDF file that triggers a free of
  invalid data.
• CVE-2009-1181
  The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
  Poppler before 0.10.6, and other products allows remote attackers to
  cause a denial of service (crash) via a crafted PDF file that triggers a
  NULL pointer dereference.
• CVE-2009-1182
  Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and
  earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other
  products allow remote attackers to execute arbitrary code via a crafted
  PDF file.
• CVE-2009-1183
  The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
  earlier, Poppler before 0.10.6, and other products allows remote
  attackers to cause a denial of service (infinite loop and hang) via a
  crafted PDF file.

For the old stable distribution (etch), these problems have been fixed in version
3.01-9.1+etch6.

For the stable distribution (lenny), these problems have been fixed in version
3.02-1.4+lenny1.

For the unstable distribution (sid), these problems will be fixed in a
forthcoming version.

We recommend that you upgrade your xpdf packages.