Debian Security Advisory DSA 625-1 security@
debian.org
http://www.debian.org/security/ Martin Schulze
January 5th, 2004
http://www.debian.org/security/faq
Package : pcal
Vulnerability : buffer overflows
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-1289
Debian Bug : 287039
Danny Lungstrom discovered two buffer overflows in pcal, a program to
generate Postscript calendars, that could lead to the execution of
arbitrary code when compiling a calendar.
For the stable distribution (woody) these problems have been fixed in
version 4.7-8woody1.
For the unstable distribution (sid) these problems have been fixed in
version 4.8.0-1.
We recommend that you upgrade your pcal package.