[Secure-testing-commits] r11341 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Fri Mar 6 13:43:56 UTC 2009
Author: white
Date: 2009-03-06 13:43:55 +0000 (Fri, 06 Mar 2009)
New Revision: 11341
Modified:
data/CVE/list
Log:
Two new poppler issues, both crashes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-06 13:27:07 UTC (rev 11340)
+++ data/CVE/list 2009-03-06 13:43:55 UTC (rev 11341)
@@ -127,9 +127,13 @@
CVE-2009-0757 (Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent ...)
TODO: check
CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 ...)
- TODO: check
+ - poppler <unfixed> (low; bug #518478)
+ [lenny] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
+ [etch] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
CVE-2009-0755 (The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 ...)
- TODO: check
+ - poppler <unfixed> (low; bug #518478)
+ [lenny] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
+ [etch] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows ...)
TODO: check
CVE-2008-6398 (sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary ...)
More information about the Secure-testing-commits
mailing list