Debian Security Advisory DSA 1352-1 (pdfkit.framework)

Summary
The remote host is missing an update to pdfkit.framework announced via advisory DSA 1352-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201352-1
Insight
It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. pdfkit.framework includes a copy of the xpdf code and required an update as well. For the oldstable distribution (sarge) this problem has been fixed in version 0.8-2sarge4. The package from the stable distribution (etch) links dynamically against libpoppler and doesn't require a separate update. The package from the unstable distribution (sid) links dynamically against libpoppler and doesn't require a separate update. We recommend that you upgrade your pdfkit.framework packages.