[Secure-testing-commits] r12506 - data/CVE

[Michael Gilbert]

Author: gilbert-guest
Date: 2009-08-07 20:03:07 +0000 (Fri, 07 Aug 2009)
New Revision: 12506

Modified:
   data/CVE/list
Log:
an itp for ghostscript's jbig2 library, which is a different implementation than xpdf's jbig2, has been filed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-07 16:00:39 UTC (rev 12505)
+++ data/CVE/list	2009-08-07 20:03:07 UTC (rev 12506)
@@ -8407,6 +8407,7 @@
 CVE-2009-0196 (Heap-based buffer overflow in the big2_decode_symbol_dict function ...)
 	{DTSA-198-1}
 	- ghostscript 8.64~dfsg-1.1 (medium; bug #524803)
+	- jbig2dec <itp> (medium; bug #539965)
 CVE-2009-0195 (Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, ...)
 	{DSA-1790-1}
 	- xpdf 3.02-1.4+lenny1 (medium; bug #524809)