thr3ads.net - Secure testing commits - [Secure-testing-commits] r11341

If this information is useful, please help other people find it:
Share via:

white at alioth.debian.org

2009-Mar-06 13:43 UTC

[Secure-testing-commits] r11341 - data/CVE

Author: white
Date: 2009-03-06 13:43:55 +0000 (Fri, 06 Mar 2009)
New Revision: 11341

Modified:
   data/CVE/list
Log:
Two new poppler issues, both crashes

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-03-06 13:27:07 UTC (rev 11340)
+++ data/CVE/list	2009-03-06 13:43:55 UTC (rev 11341)
@@ -127,9 +127,13 @@
 CVE-2009-0757 (Multiple buffer overflows in GNU MPFR 2.4.0 allow
context-dependent ...)
 	TODO: check
 CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before
0.10.4 ...)
-	TODO: check
+	- poppler <unfixed> (low; bug #518478)
+	[lenny] - poppler <no-dsa> (Application crash only, could be fixed with
further issues)
+	[etch] - poppler <no-dsa> (Application crash only, could be fixed with
further issues)
 CVE-2009-0755 (The FormWidgetChoice::loadDefaults function in Poppler before
0.10.4 ...)
-	TODO: check
+	- poppler <unfixed> (low; bug #518478)
+	[lenny] - poppler <no-dsa> (Application crash only, could be fixed with
further issues)
+	[etch] - poppler <no-dsa> (Application crash only, could be fixed with
further issues)
 CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache,
allows ...)
 	TODO: check
 CVE-2008-6398 (sng_regress in SNG 1.0.2 allows local users to overwrite
arbitrary ...)

Secure testing commits - Mar 2009 - r11341 - data/CVE

[Secure-testing-commits] r11341 - data/CVE