Secure testing commits - Dec 2005 - r3070 - data/CVE

Author: jmm-guest
Date: 2005-12-16 09:32:53 +0000 (Fri, 16 Dec 2005)
New Revision: 3070

Modified:
   data/CVE/list
Log:
cupsys/xpdf fixed (not used in the binary package)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2005-12-16 09:23:57 UTC (rev 3069)
+++ data/CVE/list	2005-12-16 09:32:53 UTC (rev 3070)
@@ -3040,6 +3040,7 @@
 	- tetex-bin 3.0-11 (bug #342292; medium)
 	- koffice <not-affected> (Vulnerable xpdf code not contained)
 	- libextractor 0.5.8-1 (medium)
+	- cupsys 1.1.23-13 (unimportant)
 CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in
Xpdf ...)
 	- xpdf 3.01-3 (bug #342281; bug #342337; medium)
 	- gpdf 2.10.0-1 (bug #342286; medium)
@@ -3049,6 +3050,7 @@
 	- tetex-bin 3.0-11 (bug #342292; medium)
 	- koffice 1:1.4.2-5 (bug #342294; medium)
 	- libextractor 0.5.8-1 (medium)
+	- cupsys 1.1.23-13 (unimportant)
 CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
 	- xpdf 3.01-3 (bug #342281; bug #342337; medium)
 	- gpdf 2.10.0-1 (bug #342286; medium)
@@ -3058,6 +3060,7 @@
 	- tetex-bin 3.0-11 (bug #342292; medium)
 	- koffice 1:1.4.2-5 (bug #342294; medium)
 	- libextractor 0.5.8-1 (medium)
+	- cupsys 1.1.23-13 (unimportant)
 CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0
...)
 	NOT-FOR-US: iGateway
 CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP
Server ...)
@@ -6949,7 +6952,7 @@
 	- tetex-bin <not-affected> (pdftex doesn''t include or use the
vulnerable code)
 	- gpdf <unfixed> (bug #334454; low)
 	NOTE: only affects cupsys source package, not used in binary
-	- cupsys <unfixed> (bug #324464; unimportant)
+	- cupsys 1.1.23-13 (bug #324464; unimportant)
 	- poppler 0.4.0-1 (low)
 	- libextractor 0.5.8-1 (medium)
 CVE-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a
denial ...)
@@ -14579,7 +14582,7 @@
 	- kdegraphics 4:3.3.2-2
 	- tetex-bin 2.0.2-26
 	NOTE: only affects source package, not used in binary
-	- cupsys <unfixed> (bug #324459; unimportant)
+	- cupsys 1.1.23-13 (bug #324459; unimportant)
 CVE-2005-0063 (The document processing application used by the Windows Shell in
...)
 	NOT-FOR-US: Microsoft
 CVE-2005-0062