[Secure-testing-commits] r3446 - in data: . CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Feb 8 11:52:54 UTC 2006
Author: jmm-guest
Date: 2006-02-08 11:52:48 +0000 (Wed, 08 Feb 2006)
New Revision: 3446
Modified:
data/CVE/list
data/embedded-code-copies
Log:
yeah, another xpdf copy gone
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-08 10:41:15 UTC (rev 3445)
+++ data/CVE/list 2006-02-08 11:52:48 UTC (rev 3446)
@@ -734,7 +734,7 @@
- xpdf 3.01-6 (bug #350785; bug #350783; medium)
- koffice <unfixed>
- libextractor <unfixed>
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
CVE-2006-0300
RESERVED
CVE-2006-0299 (The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...)
@@ -3883,7 +3883,7 @@
- xpdf 3.01-4
- koffice 1:1.4.2-6 (bug #342294)
- libextractor 0.5.9-1
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
- pdftohtml <unfixed>
CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
@@ -3894,7 +3894,7 @@
- xpdf 3.01-4
- koffice 1:1.4.2-6 (bug #342294)
- libextractor 0.5.9-1
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
- pdftohtml <unfixed>
CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
@@ -3904,7 +3904,7 @@
- gpdf 2.10.0-2 (bug #342286)
- koffice 1:1.4.2-6 (bug #342294)
- libextractor 0.5.9-1
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
- pdftohtml <unfixed>
CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
@@ -3915,7 +3915,7 @@
- gpdf 2.10.0-2 (bug #342286)
- koffice 1:1.4.2-6 (bug #342294)
- libextractor 0.5.9-1
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
- pdftohtml <unfixed>
CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
@@ -3926,7 +3926,7 @@
- xpdf 3.01-4
- koffice 1:1.4.2-6 (bug #342294)
- libextractor 0.5.9-1
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
- pdftohtml <unfixed>
CVE-2005-3623 [Incorrect ACLs only read-only NFS shares]
RESERVED
@@ -5375,7 +5375,7 @@
- koffice <not-affected> (Vulnerable xpdf code not contained)
- libextractor 0.5.8-1 (medium)
- cupsys 1.1.23-13 (unimportant)
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpdf ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
@@ -5389,7 +5389,7 @@
- koffice 1:1.4.2-5 (bug #342294; medium)
- libextractor 0.5.8-1 (medium)
- cupsys 1.1.23-13 (unimportant)
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
@@ -5397,7 +5397,7 @@
- pdftohtml <unfixed> (bug #342289; medium)
- kdegraphics 4:3.4.3-4 (bug #342287; medium)
NOTE: Previous kdegraphics fix was incomplete
- - pdfkit.framework <unfixed>
+ - pdfkit.framework 0.8-4
- poppler 0.4.2-1.1 (bug #342288; medium)
- tetex-bin 3.0-11 (bug #342292; medium)
- koffice 1:1.4.2-5 (bug #342294; medium)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2006-02-08 10:41:15 UTC (rev 3445)
+++ data/embedded-code-copies 2006-02-08 11:52:48 UTC (rev 3446)
@@ -11,7 +11,7 @@
poppler
koffice
libextractor
-pdfkit.framework
+pdfkit.framework (links to poppler since 0.8-4)
zlib code: (lots of apps embed a copy, but link dynamically, but there are a few exceptions)
dpkg
More information about the Secure-testing-commits
mailing list