Debian Security Advisory 1243-1 - Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X, performs insufficient boundary checks in the Postscript parsing code, which allows the execution of arbitrary code through a buffer overflow. Evince embeds a copy of gv and needs an update as well.
59b309a2e743b9753ae0975f2805f781a77e3e1cec2b5e23bf2c11ef5d354603