Author: gilbert-guest Date: 2012-01-14 20:01:43 +0000 (Sat, 14 Jan 2012) New Revision: 18155 Modified: data/CVE/list data/embedded-code-copies Log: new t1lib issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-14 16:12:02 UTC (rev 18154) +++ data/CVE/list 2012-01-14 20:01:43 UTC (rev 18155) @@ -14821,6 +14821,10 @@ [squeeze] - vftool 2.0alpha-4+squeeze1 [lenny] - vftool 2.0alpha-3+lenny1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923 + - t1lib <unfixed> + NOTE: vuln source file is lib/t1lib/parseAFM.c, which differs slightly from evince''s afmparse.c in the affected areas but it is indeed affected + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923 + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=643882 CVE-2011-0432 (Multiple SQL injection vulnerabilities in the get_userinfo method in ...) {DSA-2177-1} - pywebdav 0.9.4-3 Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2012-01-14 16:12:02 UTC (rev 18154) +++ data/embedded-code-copies 2012-01-14 20:01:43 UTC (rev 18155) @@ -676,7 +676,10 @@ - tetex-bin 2.0.2-1 (embed) - texlive-bin <unknown> (embed) - grace 5.1.14-2 (embed) - NOTE: Might be fixed even earlier + - evince <unfixed> (embed) + NOTE: at least parseafm code, maybe more? + - vftool <unfixed> (embed) + NOTE: just parseafm code it seems guichan - boswars <unfixed> (embed)