[Secure-testing-commits] r16218 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Mon Feb 21 14:51:38 UTC 2011
Author: thijs
Date: 2011-02-21 14:51:34 +0000 (Mon, 21 Feb 2011)
New Revision: 16218
Modified:
data/CVE/list
Log:
poppler issues not important
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-21 08:19:28 UTC (rev 16217)
+++ data/CVE/list 2011-02-21 14:51:34 UTC (rev 16218)
@@ -2008,17 +2008,19 @@
CVE-2010-4655 [heap contents leak for CAP_NET_ADMIN via ethtool ioctl]
RESERVED
- linux-2.6 <unfixed>
-CVE-2010-4654
+CVE-2010-4654 [Malformed commands may cause corruption of the internal stack]
RESERVED
- kdegraphics <not-affected> (no stackheight)
- xpdf <not-affected> (no stackheight)
- poppler <not-affected> (stackheights introduced after 0.12)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=8284008aa8230a92ba08d547864353d3290e9bf9
-CVE-2010-4653
+CVE-2010-4653 [integer overflow when parsing CharCodes for fonts]
RESERVED
- kdegraphics 4.0
- xpdf 3.02-9
- - poppler <unfixed>
+ - poppler <unfixed> (low)
+ [lenny] - poppler <no-dsa> (minor issue)
+ [squeeze] - poppler <no-dsa> (minor issue)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=cad66a7d25abdb6aa15f3aa94a35737b119b2659
CVE-2010-4652 (Heap-based buffer overflow in the sql_prepare_where function ...)
- proftpd-dfsg 1.3.3a-6
More information about the Secure-testing-commits
mailing list