Author: jmm-guest Date: 2005-12-06 22:22:51 +0000 (Tue, 06 Dec 2005) New Revision: 2961 Modified: data/CVE/list Log: koffice is vulnerable to 2 of the 3 xpdf issues, bug filed Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-06 22:16:35 UTC (rev 2960) +++ data/CVE/list 2005-12-06 22:22:51 UTC (rev 2961) @@ -2497,6 +2497,7 @@ - kdegraphics <unfixed> (bug #342287; medium) - poppler <unfixed> (bug #34228; medium) - tetex-bin <unfixed> (bug filed; medium) + - koffice <not-affected> (Vulnerable xpdf code not contained) CVE-2005-3192 [xpdf stream predictor heap overflow] RESERVED - xpdf <unfixed> (bug #342281; medium) @@ -2505,6 +2506,7 @@ - kdegraphics <unfixed> (bug #342287; medium) - poppler <unfixed> (bug #34228; medium) - tetex-bin <unfixed> (bug filed; medium) + - koffice <unfixed> (bug filed; medium) CVE-2005-3191 [xpdf dctstream heap overflow] RESERVED - xpdf <unfixed> (bug #342281; medium) @@ -2513,6 +2515,7 @@ - kdegraphics <unfixed> (bug #342287; medium) - poppler <unfixed> (bug #34228; medium) - tetex-bin <unfixed> (bug filed; medium) + - koffice <unfixed> (bug filed; medium) CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...) NOT-FOR-US: iGateway CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP Server ...)