Note update of xpdf to version 2.02pl1. From the xpdf website:

  This version includes a small patch that fixes a security hole in
  version 2.02. It was possible to construct a malicious URL link in a
  PDF file which would cause an arbitrary command to be run. The patch
  changes things to that the various characters which can cause trouble
  are escaped (%xx) before calling system(). This patch also changes the
  "launch" link verification dialog to provde a scrolling view of the
  command about to be run when the command string is excessively long.

1 files changed, 2 insertions, 1 deletions

diff --git a/doc/CHANGES b/doc/CHANGES
index 2b0eb08be9d..9740cd480a3 100644
--- a/doc/CHANGES
+++ b/doc/CHANGES
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES,v 1.2531 2003/06/18 13:31:23 epg Exp $
+$NetBSD: CHANGES,v 1.2532 2003/06/18 14:48:58 simonb Exp $
 
 Changes to the packages collection and infrastructure in 2003:
 
@@ -2490,3 +2490,4 @@ Changes to the packages collection and infrastructure in 2003:
 	Updated subversion to 0.24.1 [epg 2003-06-18]
 	Updated subversion-base to 0.24.1 [epg 2003-06-18]
 	Updated subversion-python to 0.24.1 [epg 2003-06-18]
+	Updated xpdf to 2.02pl1 [simonb 2003-06-18]