Author: thijs Date: 2011-02-21 14:51:34 +0000 (Mon, 21 Feb 2011) New Revision: 16218 Modified: data/CVE/list Log: poppler issues not important Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-02-21 08:19:28 UTC (rev 16217) +++ data/CVE/list 2011-02-21 14:51:34 UTC (rev 16218) @@ -2008,17 +2008,19 @@ CVE-2010-4655 [heap contents leak for CAP_NET_ADMIN via ethtool ioctl] RESERVED - linux-2.6 <unfixed> -CVE-2010-4654 +CVE-2010-4654 [Malformed commands may cause corruption of the internal stack] RESERVED - kdegraphics <not-affected> (no stackheight) - xpdf <not-affected> (no stackheight) - poppler <not-affected> (stackheights introduced after 0.12) NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=8284008aa8230a92ba08d547864353d3290e9bf9 -CVE-2010-4653 +CVE-2010-4653 [integer overflow when parsing CharCodes for fonts] RESERVED - kdegraphics 4.0 - xpdf 3.02-9 - - poppler <unfixed> + - poppler <unfixed> (low) + [lenny] - poppler <no-dsa> (minor issue) + [squeeze] - poppler <no-dsa> (minor issue) NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=cad66a7d25abdb6aa15f3aa94a35737b119b2659 CVE-2010-4652 (Heap-based buffer overflow in the sql_prepare_where function ...) - proftpd-dfsg 1.3.3a-6