[Secure-testing-commits] r2964 - in data: . CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Dec 7 09:27:22 UTC 2005
Author: jmm-guest
Date: 2005-12-07 09:27:17 +0000 (Wed, 07 Dec 2005)
New Revision: 2964
Modified:
data/CVE/list
data/embedded-code-copies
Log:
libextractor embeds a copy of xpdf as well, what a mess
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-07 02:23:44 UTC (rev 2963)
+++ data/CVE/list 2005-12-07 09:27:17 UTC (rev 2964)
@@ -2498,6 +2498,7 @@
- poppler <unfixed> (bug #34228; medium)
- tetex-bin <unfixed> (bug filed; medium)
- koffice <not-affected> (Vulnerable xpdf code not contained)
+ - libextractor 0.5.8-1 (medium)
CVE-2005-3192 [xpdf stream predictor heap overflow]
RESERVED
- xpdf 3.01-3 (bug #342281; medium)
@@ -2507,6 +2508,7 @@
- poppler <unfixed> (bug #34228; medium)
- tetex-bin <unfixed> (bug filed; medium)
- koffice <unfixed> (bug #342294; medium)
+ - libextractor 0.5.8-1 (medium)
CVE-2005-3191 [xpdf dctstream heap overflow]
RESERVED
- xpdf 3.01-3 (bug #342281; medium)
@@ -2516,6 +2518,7 @@
- poppler <unfixed> (bug #34228; medium)
- tetex-bin <unfixed> (bug filed; medium)
- koffice <unfixed> (bug #342294; medium)
+ - libextractor 0.5.8-1 (medium)
CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...)
NOT-FOR-US: iGateway
CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP Server ...)
@@ -6408,6 +6411,7 @@
NOTE: only affects cupsys source package, not used in binary
- cupsys <unfixed> (bug #324464; unimportant)
- poppler 0.4.0-1 (low)
+ - libextractor 0.5.8-1 (medium)
CVE-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a denial ...)
{DSA-797-2 DSA-797-1 DSA-740-1}
NOTE: Several packages ship embedded copies of zlib, there are a lot probably more
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2005-12-07 02:23:44 UTC (rev 2963)
+++ data/embedded-code-copies 2005-12-07 09:27:17 UTC (rev 2964)
@@ -9,6 +9,7 @@
cupsys (only older releases, recent ones use xpdf-utils, it's still present in the src, though)
poppler
koffice
+libextractor
zlib code: (separate between 1.2 and 1.1)
dpkg
More information about the Secure-testing-commits
mailing list