Author: jmm-guest Date: 2006-02-13 08:56:50 +0000 (Mon, 13 Feb 2006) New Revision: 3465 Modified: data/CVE/list Log: poppler and libast fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-13 08:21:23 UTC (rev 3464) +++ data/CVE/list 2006-02-13 08:56:50 UTC (rev 3465) @@ -847,14 +847,14 @@ CVE-2006-0302 (ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 ...) NOT-FOR-US: ZyXel hardware CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other ...) - - poppler <unfixed> - - tetex-bin 3.0-12 - - kdegraphics 4:3.5.1-2 - - gpdf <unfixed> + - poppler 0.4.5-1 (medium) + - tetex-bin 3.0-12 (medium) + - kdegraphics 4:3.5.1-2 (medium) + - gpdf <unfixed> (medium) - xpdf 3.01-6 (bug #350785; bug #350783; medium) - - koffice <unfixed> - - libextractor <unfixed> - - pdfkit.framework 0.8-4 + - koffice <unfixed> (medium) + - libextractor <unfixed> (medium) + - pdfkit.framework 0.8-4 (medium) CVE-2006-0300 RESERVED CVE-2006-0299 (The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...) @@ -1032,7 +1032,7 @@ CVE-2006-0225 (scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands ...) - openssh <unfixed> (low; bug #349645; bug #352254) CVE-2006-0224 (Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 ...) - TODO: check + - libast 0.7-1 CVE-2005-4665 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier ...) NOT-FOR-US: PunBB CVE-2006-0223 (Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat ...)