[Secure-testing-commits] r3513 - in data: CVE DSA

Micah Anderson micah at costa.debian.org
Sun Feb 19 20:37:17 UTC 2006 

Author: micah
Date: 2006-02-19 20:37:11 +0000 (Sun, 19 Feb 2006)
New Revision: 3513

Modified:
   data/CVE/list
   data/DSA/list
Log:
Added DSA-979-1 pdfkit.framework madness


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-19 19:45:10 UTC (rev 3512)
+++ data/CVE/list	2006-02-19 20:37:11 UTC (rev 3513)
@@ -1081,7 +1081,7 @@
 CVE-2006-0302 (ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 ...)
 	NOT-FOR-US: ZyXel hardware
 CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other ...)
-	{DSA-974-1 DSA-972-1 DSA-971-1}
+	{DSA-979-1 DSA-974-1 DSA-972-1 DSA-971-1}
 	- poppler 0.4.5-1 (medium)
 	- tetex-bin 3.0-12 (medium)
 	- kdegraphics 4:3.5.1-2 (medium)
@@ -5725,7 +5725,7 @@
 CVE-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...)
 	NOT-FOR-US: ALZip
 CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream function ...)
-	{DSA-961-1 DSA-950-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
+	{DSA-979-1 DSA-961-1 DSA-950-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
 	- xpdf 3.01-3 (bug #342281; bug #342337; medium)
 	- gpdf 2.10.0-1 (bug #342286; medium)
 	- pdftohtml <not-affected> (Vulnerable xpdf code not contained)
@@ -5752,7 +5752,7 @@
 	- cupsys 1.1.23-13 (unimportant)
 	- pdfkit.framework 0.8-4
 CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
-	{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
+	{DSA-979-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
 	- xpdf 3.01-3 (bug #342281; bug #342337; medium)
 	- gpdf 2.10.0-1 (bug #342286; medium)
 	- pdftohtml <unfixed> (bug #342289; medium)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-02-19 19:45:10 UTC (rev 3512)
+++ data/DSA/list	2006-02-19 20:37:11 UTC (rev 3513)
@@ -1,3 +1,7 @@
+[17 Feb 2006] DSA-979-1 pdfkit.framework - several
+	{CVE-2005-3191 CVE-2005-3193 CVE-2006-0301}
+	[sarge] - pdfkit.framework 0.8-2sarge3
+	NOTE: sid is not affected
 [17 Feb 2006] DSA-978-1 gnupg - invalid success return
 	{CVE-2006-0455}
 	[woody] - gnupg 1.0.6-4woody4

More information about the Secure-testing-commits mailing list