[Secure-testing-commits] r3508 - in data: . CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sun Feb 19 18:28:56 UTC 2006 

Author: jmm-guest
Date: 2006-02-19 18:28:50 +0000 (Sun, 19 Feb 2006)
New Revision: 3508

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
update on xpdf mess
claim


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-18 13:06:52 UTC (rev 3507)
+++ data/CVE/list	2006-02-19 18:28:50 UTC (rev 3508)
@@ -2,6 +2,7 @@
 	- sa-exim <unfixed> (bug #345071)
 CVE-2006-XXXX [imagemagick: array index overflow in DisplayImageCommand]
 	- imagemagick 6:6.2.4.5-0.6 (bug #345595)
+begin claimed by jmm
 CVE-2006-0735 (Cross-site scripting (XSS) vulnerability in My Blog before 1.65 allows ...)
 	TODO: check
 CVE-2006-0734 (Unspecified vulnerability in Valve Software Half-Life CSTRIKE ...)
@@ -91,6 +92,7 @@
 	TODO: check
 CVE-2006-0692 (Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL ...)
 	TODO: check
+end claimed by jmm
 CVE-2006-0691 (edituser.php in TTS Time Tracking Software 3.0 does not verify that ...)
 	NOT-FOR-US: TTS Time Tracking Software
 CVE-2006-0690 (Multiple SQL injection vulnerabilities in TTS Time Tracking Software ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2006-02-18 13:06:52 UTC (rev 3507)
+++ data/embedded-code-copies	2006-02-19 18:28:50 UTC (rev 3508)
@@ -3,13 +3,13 @@
 other projects, without linking dynamically:
 
 xpdf code: (some use xpdf 2, some xpdf 3)
-gpdf
-pdftohtml
-kdegraphics/kpdf
+gpdf (will be replaced by evince in Gnome 2.12)
+pdftohtml (current poppler source package has a ported version, pinged maintainer)
+kdegraphics/kpdf (upstream is working on using poppler, probably not in time for Etch)
 tetex-bin (links to poppler since 3.0-12)
 cupsys (only older releases, recent ones use xpdf-utils, it's still present in the src, though)
 poppler
-koffice
+koffice (upstream is working on using poppler, probably not in time for Etch)
 libextractor
 pdfkit.framework (links to poppler since 0.8-4)

More information about the Secure-testing-commits mailing list