Author: derevko-guest Date: 2009-05-21 20:46:34 +0000 (Thu, 21 May 2009) New Revision: 11951 Modified: data/CVE/list Log: poppler 0.8.7-2 accepted in stable. It fixes CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188. Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-05-21 18:52:40 UTC (rev 11950) +++ data/CVE/list 2009-05-21 20:46:34 UTC (rev 11951) @@ -1733,8 +1733,10 @@ TODO: check CVE-2009-1188 (Integer overflow in the JBIG2 decoding feature in Poppler before ...) - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 CVE-2009-1187 (Integer overflow in the JBIG2 decoding feature in Poppler before ...) - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 CVE-2009-1186 (Buffer overflow in the util_path_encode function in ...) {DSA-1772-1} - udev 0.141-1 (medium) @@ -1749,30 +1751,35 @@ CVE-2009-1183 (The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and ...) {DSA-1793-1 DSA-1790-1} - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 - xpdf <unfixed> (medium; bug #524809) - kdegraphics 4.0-1 (medium; bug #524810) - swftools <unfixed> (medium; bug #527449) CVE-2009-1182 (Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and ...) {DSA-1793-1 DSA-1790-1} - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 - xpdf <unfixed> (medium; bug #524809) - kdegraphics 4.0-1 (medium; bug #524810) - swftools <unfixed> (medium; bug #527449) CVE-2009-1181 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...) {DSA-1793-1 DSA-1790-1} - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 - xpdf <unfixed> (medium; bug #524809) - kdegraphics 4.0-1 (medium; bug #524810) - swftools <unfixed> (medium; bug #527449) CVE-2009-1180 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...) {DSA-1793-1 DSA-1790-1} - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 - xpdf <unfixed> (medium; bug #524809) - kdegraphics 4.0-1 (medium; bug #524810) - swftools <unfixed> (medium; bug #527449) CVE-2009-1179 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, ...) {DSA-1793-1 DSA-1790-1} - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 - xpdf <unfixed> (medium; bug #524809) - kdegraphics 4.0-1 (medium; bug #524810) - swftools <unfixed> (medium; bug #527449) @@ -3042,12 +3049,14 @@ CVE-2009-0800 (Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 ...) {DSA-1793-1 DSA-1790-1} - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 - xpdf <unfixed> (medium; bug #524809) - kdegraphics 4.0 (medium; bug #524810) - swftools <unfixed> (medium; bug #527449) CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...) {DSA-1793-1 DSA-1790-1} - poppler 0.10.6-1 (medium; bug #524806) + [lenny] - poppler 0.8.7-2 - xpdf <unfixed> (medium; bug #524809) - kdegraphics 4.0 (medium; bug #524810) - swftools <unfixed> (medium; bug #527449)