[Secure-testing-commits] r3270 - data/CVE
Joey Hess
joeyh at costa.debian.org
Wed Jan 11 21:14:29 UTC 2006
Author: joeyh
Date: 2006-01-11 21:14:23 +0000 (Wed, 11 Jan 2006)
New Revision: 3270
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-11 20:44:08 UTC (rev 3269)
+++ data/CVE/list 2006-01-11 21:14:23 UTC (rev 3270)
@@ -2736,26 +2736,26 @@
RESERVED
CVE-2005-3628 [further xpdf overflow check]
RESERVED
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- kdegraphics 3.5.0-3
- xpdf 3.01-4
CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...)
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- poppler 0.4.3-2
- kdegraphics 3.5.0-3
- xpdf 3.01-4
CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- poppler 0.4.3-2
- kdegraphics 3.5.0-3
- xpdf 3.01-4
CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- poppler 0.4.3-2
- kdegraphics 3.5.0-3
- xpdf 3.01-4
CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...)
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- poppler 0.4.3-2
- kdegraphics 3.5.0-3
- xpdf 3.01-4
@@ -4193,7 +4193,7 @@
CVE-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...)
NOT-FOR-US: ALZip
CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream function ...)
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
- pdftohtml <not-affected> (Vulnerable xpdf code not contained)
@@ -4205,7 +4205,7 @@
- libextractor 0.5.8-1 (medium)
- cupsys 1.1.23-13 (unimportant)
CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpdf ...)
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
- pdftohtml <unfixed> (bug #342289; medium)
@@ -4218,7 +4218,7 @@
- libextractor 0.5.8-1 (medium)
- cupsys 1.1.23-13 (unimportant)
CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
- {DSA-932-1 DSA-931-1}
+ {DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
- pdftohtml <unfixed> (bug #342289; medium)
@@ -8145,7 +8145,7 @@
NOTE: 2.6.8 and 2.4.27 not affected
- linux-2.6 2.6.12-3 (bug #323039; medium)
CVE-2005-2097 (xpdf and kpdf do not properly validate the "loca" table in PDF files, ...)
- {DSA-780-1}
+ {DSA-936-1 DSA-780-1}
- kdegraphics 4:3.4.2-1 (bug #322458; low)
- xpdf 3.00-15 (bug #322462; low)
- tetex-bin <not-affected> (pdftex doesn't include or use the vulnerable code)
More information about the Secure-testing-commits
mailing list