-









































































Debian Security Advisory DSA 625-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
January 5th, 2004                       http://www.debian.org/security/faq



















































































































































-









































































Package        : pcal
Vulnerability  : buffer overflows
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2004-1289
Debian Bug     : 287039

Danny Lungstrom discovered two buffer overflows in pcal, a program to
generate Postscript calendars, that could lead to the execution of
arbitrary code when compiling a calendar.

For the stable distribution (woody) these problems have been fixed in
version 4.7-8woody1.

For the unstable distribution (sid) these problems have been fixed in
version 4.8.0-1.

We recommend that you upgrade your pcal package.