[Secure-testing-commits] r3407 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Feb 1 10:15:08 UTC 2006 

Author: jmm-guest
Date: 2006-02-01 10:15:02 +0000 (Wed, 01 Feb 2006)
New Revision: 3407

Modified:
   data/CVE/list
   data/DSA/list
Log:
pdftohtml DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-01 10:11:16 UTC (rev 3406)
+++ data/CVE/list	2006-02-01 10:15:02 UTC (rev 3407)
@@ -1,4 +1,4 @@
-CVE-2006-0467
+sCVE-2006-0467
 	RESERVED
 CVE-2006-0466 (Cross-site scripting (XSS) vulnerability in search.asp in Goldstag ...)
 	NOT-FOR-US: Goldstag Content Management System
@@ -3506,6 +3506,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
@@ -3516,6 +3517,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- poppler 0.4.3-2
@@ -3525,6 +3527,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
@@ -3535,6 +3538,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...)
 	{DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- poppler 0.4.4-1 (bug #346076)
@@ -3545,6 +3549,7 @@
 	- koffice 1:1.4.2-6 (bug #342294)
 	- libextractor 0.5.9-1
 	- pdfkit.framework <unfixed>
+	- pdftohtml <unfixed>
 CVE-2005-3623 [Incorrect ACLs only read-only NFS shares]
 	RESERVED
 	[sarge] - kernel-source-2.6.8 <not-affected> (Does not contain NFS ACLs)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-02-01 10:11:16 UTC (rev 3406)
+++ data/DSA/list	2006-02-01 10:15:02 UTC (rev 3407)
@@ -1,3 +1,7 @@
+[01 Feb 2006] DSA-962-1 pdftohtml - buffer overflows
+	{CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628}
+	[sarge] - pdftohtml 0.36-11sarge1
+	NOTE: not fixed in testing at time of DSA (unfixed in sid)
 [01 Feb 2006] DSA-961-1 pdfkit.framework - buffer overflows
 	{CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628}
 	[sarge] - pdfkit.framework 0.8-2sarge1

More information about the Secure-testing-commits mailing list