Author: nion Date: 2008-05-09 16:04:31 +0000 (Fri, 09 May 2008) New Revision: 8761 Modified: data/CVE/list Log: CVE-2008-1693 does not affect texlive-base and is fixed in texlive-bin, if anyone knows a version that introduced this fix please add (GfxFont::readEmbFontFile) Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-05-09 15:57:26 UTC (rev 8760) +++ data/CVE/list 2008-05-09 16:04:31 UTC (rev 8761) @@ -918,7 +918,10 @@ - xpdf 3.02 - poppler 0.6.4-1 (bug #476842) - kdegraphics <not-affected> (Vulnerable code not present) - TODO: check pdftex + - texlive-bin <not-affected> (code already has the needed fix) + NOTE: see GfxFont.cc GfxFont::readEmbFontFile, line 362 checks if the font file is + NOTE: a stream or not. Anyone knows a fixed version? + - texlive-base <not-affected> (Vulnerable code not present) CVE-2008-1692 (Eterm 0.9.4 opens an xterm on :0 if -display is not specified and the ...) - eterm 0.9.4.0debian1-2.1 (unimportant; bug #473127) CVE-2008-1691 (Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and ...)