Author: corsac
Date: 2012-01-14 20:50:58 +0000 (Sat, 14 Jan 2012)
New Revision: 18159
Modified:
data/CVE/list
Log:
mark CVE-2011-155{2,3,4} as fixed by t1lib 5.1.2-3.3
(according to https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23)
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-01-14 20:46:19 UTC (rev 18158)
+++ data/CVE/list 2012-01-14 20:50:58 UTC (rev 18159)
@@ -11445,15 +11445,18 @@
CVE-2010-4778 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf
before ...)
- - t1lib <unfixed>
+ - t1lib 5.1.2-3.1
+ NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used
in ...)
- - t1lib <unfixed>
+ - t1lib 5.1.2-3.1
+ NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and
other ...)
- - t1lib <unfixed>
+ - t1lib 5.1.2-3.1
+ NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/
...)