thr3ads.net - Secure testing commits - [Secure-testing-commits] r3407

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2006-Feb-01 10:15 UTC

[Secure-testing-commits] r3407 - in data: CVE DSA

Author: jmm-guest
Date: 2006-02-01 10:15:02 +0000 (Wed, 01 Feb 2006)
New Revision: 3407

Modified:
   data/CVE/list
   data/DSA/list
Log:
pdftohtml DSA


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-02-01 10:11:16 UTC (rev 3406)
+++ data/CVE/list	2006-02-01 10:15:02 UTC (rev 3407)
@@ -1,4 +1,4 @@
-CVE-2006-0467
+sCVE-2006-0467
 	RESERVED
 CVE-2006-0466 (Cross-site scripting (XSS) vulnerability in search.asp in
Goldstag ...)
 	NOT-FOR-US: Goldstag Content Management System
@@ -3506,6 +3506,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf,
pdftohtml, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1
DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
@@ -3516,6 +3517,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml,
poppler, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1
DTSA-28-1}
 	- poppler 0.4.3-2
@@ -3525,6 +3527,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml,
poppler, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1
DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
@@ -3535,6 +3538,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for
xpdf, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1
DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
@@ -3545,6 +3549,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3623 [Incorrect ACLs only read-only NFS shares]
 	RESERVED
 	[sarge] - kernel-source-2.6.8 <not-affected> (Does not contain NFS ACLs)

Modified: data/DSA/list
==================================================================---
data/DSA/list	2006-02-01 10:11:16 UTC (rev 3406)
+++ data/DSA/list	2006-02-01 10:15:02 UTC (rev 3407)
@@ -1,3 +1,7 @@
+[01 Feb 2006] DSA-962-1 pdftohtml - buffer overflows
+	{CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625
CVE-2005-3626 CVE-2005-3627 CVE-2005-3628}
+	[sarge] - pdftohtml 0.36-11sarge1
+	NOTE: not fixed in testing at time of DSA (unfixed in sid)
 [01 Feb 2006] DSA-961-1 pdfkit.framework - buffer overflows
 	{CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625
CVE-2005-3626 CVE-2005-3627 CVE-2005-3628}
 	[sarge] - pdfkit.framework 0.8-2sarge1

Secure testing commits - Feb 2006 - r3407 - in data: CVE DSA

[Secure-testing-commits] r3407 - in data: CVE DSA