[Secure-testing-commits] r15424 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Tue Oct 5 09:22:05 UTC 2010 

Author: jmm-guest
Date: 2010-10-05 09:21:58 +0000 (Tue, 05 Oct 2010)
New Revision: 15424

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
- bogofilter spu upload
- poppler issues CVEfied


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-10-05 09:15:51 UTC (rev 15423)
+++ data/CVE/list	2010-10-05 09:21:58 UTC (rev 15424)
@@ -49,10 +49,26 @@
 	- linux-2.6 <unfixed>
 CVE-2010-3704
 	RESERVED
+	- kdegraphics 4.0
+	- xpdf 3.02-9
+	- poppler <unfixed>
+	NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
+	TODO: kdegrahics/okular and xpdf have switched to dynamic linking, Lenny needs to be checked
 CVE-2010-3703
 	RESERVED
+	- kdegraphics 4.0
+	[lenny] - kdegraphics <not-affected> (Vulnerable code not present)
+	- xpdf 3.02-9
+	[lenny] - xpdf <not-affected> (Vulnerable code not present)
+	- poppler <not-affected> (Vulnerable code not present)
+	NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f
 CVE-2010-3702
 	RESERVED
+	- kdegraphics 4.0
+	- xpdf 3.02-9
+	- poppler <unfixed>
+	NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf
+	TODO: kdegrahics/okular and xpdf have switched to dynamic linking, Lenny needs to be checked
 CVE-2010-3701
 	RESERVED
 CVE-2010-3700
@@ -306,11 +322,6 @@
 	RESERVED
 	{DSA-2098-1}
 	- typo3-src 4.3.5-1 (bug #590719)
-CVE-2010-XXXX [poppler multiple issues]
-	- kdegraphics 4.0
-	- xpdf <unfixed>
-	- poppler <unfixed>
-	NOTE: http://secunia.com/advisories/41596/
 CVE-2010-XXXX [piwigo]
 	- piwigo 2.1.2-2
 	NOTE: http://www.exploit-db.com/exploits/14973/

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2010-10-05 09:15:51 UTC (rev 15423)
+++ data/next-point-update.txt	2010-10-05 09:21:58 UTC (rev 15424)
@@ -10,4 +10,6 @@
 	[lenny] - xorg-server 2:1.4.2-10.lenny3
 CVE-2010-2784
 	[lenny] - kvm 72+dfsg-5~lenny6
+CVE-2010-2494
+	[lenny] - bogofilter 1.1.7-1+lenny1

More information about the Secure-testing-commits mailing list