Author: micah Date: 2006-01-12 15:44:24 +0000 (Thu, 12 Jan 2006) New Revision: 3282 Modified: data/CVE/list data/DSA/list Log: DSA-938-1 (koffice) Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-01-12 13:46:57 UTC (rev 3281) +++ data/CVE/list 2006-01-12 15:44:24 UTC (rev 3282) @@ -2806,34 +2806,34 @@ RESERVED CVE-2005-3628 [further xpdf overflow check] RESERVED - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 
@@ -4273,7 +4273,7 @@ CVE-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...) NOT-FOR-US: ALZip CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream function ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - xpdf 3.01-3 (bug #342281; bug #342337; medium) - gpdf 2.10.0-1 (bug #342286; medium) - pdftohtml <not-affected> (Vulnerable xpdf code not contained) @@ -4298,7 +4298,7 @@ - libextractor 0.5.8-1 (medium) - cupsys 1.1.23-13 (unimportant) CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - xpdf 3.01-3 (bug #342281; bug #342337; medium) - gpdf 2.10.0-1 (bug #342286; medium) - pdftohtml <unfixed> (bug #342289; medium) Modified: data/DSA/list ==================================================================--- data/DSA/list 2006-01-12 13:46:57 UTC (rev 3281) +++ data/DSA/list 2006-01-12 15:44:24 UTC (rev 3282) @@ -1,3 +1,7 @@ +[12 Jan 2006] DSA-938-1 koffice - buffer overflows + {CVE-2005-3191 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} + [sarge] - koffice 1.3.5-4.sarge.2 + NOTE: Not fixed in testing at time of DSA (too new) [12 Jan 2006] DSA-937-1 tetex-bin - buffer overflows {CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} [sarge] - tetex-bin 2.0.2-30sarge4
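Review bot: In the data/CVE/list hunk at @@ -2806, the five cross-reference lines become `{DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1}`, but none of them carries DSA-937-1, although the DSA-937-1 (tetex-bin) entry visible in data/DSA/list names the same CVE-2005-3624 through CVE-2005-3628. If these brace lists are maintained by hand, add DSA-937-1 here too; if they are generated from data/DSA/list, a regeneration should have picked it up. The new reference is also appended after a descending run (936, 932, 931, then 938), so if the list is meant to be ordered, DSA-938-1 belongs at the front.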
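Review bot: In the data/CVE/list hunk at @@ -4273 (CVE-2005-3193), and likewise at @@ -4298 (CVE-2005-3191), the package lines visible after the changed cross-reference are xpdf, gpdf and pdftohtml only, with no koffice line in the context. The CVE-2005-3624 to CVE-2005-3628 entries each carry `- koffice 1:1.4.2-6 (bug #342294)`. Please confirm that both of these entries have a matching koffice line further down, so that the DSA-938-1 reference is not attached to an entry that does not track koffice at all.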
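Review bot: In the data/DSA/list hunk, the new DSA-938-1 entry lists seven CVEs and leaves out CVE-2005-3192, which the DSA-937-1 entry directly below it includes for the same family of overflows. That matches the seven data/CVE/list entries touched in this commit, so it looks deliberate, but a short NOTE saying that koffice is not affected by CVE-2005-3192 (or that the advisory does not cover it) would keep the next reader from treating it as an omission. The existing `NOTE: Not fixed in testing at time of DSA (too new)` could also name the version testing is waiting for; data/CVE/list records koffice 1:1.4.2-6 as the fixed upload.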