Author: jmm-guest Date: 2005-12-06 22:08:45 +0000 (Tue, 06 Dec 2005) New Revision: 2959 Modified: data/CVE/list Log: poppler confirmed vulnerable to all three xpdf issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-06 22:03:40 UTC (rev 2958) +++ data/CVE/list 2005-12-06 22:08:45 UTC (rev 2959) @@ -2495,18 +2495,21 @@ - gpdf <unfixed> (bug #342286; medium) - pdftohtml <not-affected> (Vulnerable xpdf code not contained) - kdegraphics <unfixed> (bug #342287; medium) + - poppler <unfixed> (bug #34228; medium) CVE-2005-3192 [xpdf stream predictor heap overflow] RESERVED - xpdf <unfixed> (bug #342281; medium) - gpdf <unfixed> (bug #342286; medium) - pdftohtml <unfixed> (bug filed; medium) - kdegraphics <unfixed> (bug #342287; medium) + - poppler <unfixed> (bug #34228; medium) CVE-2005-3191 [xpdf dctstream heap overflow] RESERVED - xpdf <unfixed> (bug #342281; medium) - gpdf <unfixed> (bug #342286; medium) - pdftohtml <unfixed> (bug filed; medium) - kdegraphics <unfixed> (bug #342287; medium) + - poppler <unfixed> (bug #34228; medium) CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...) NOT-FOR-US: iGateway CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP Server ...)