[Secure-testing-commits] r18155 - in data: . CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sat Jan 14 20:01:44 UTC 2012
Author: gilbert-guest
Date: 2012-01-14 20:01:43 +0000 (Sat, 14 Jan 2012)
New Revision: 18155
Modified:
data/CVE/list
data/embedded-code-copies
Log:
new t1lib issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-14 16:12:02 UTC (rev 18154)
+++ data/CVE/list 2012-01-14 20:01:43 UTC (rev 18155)
@@ -14821,6 +14821,10 @@
[squeeze] - vftool 2.0alpha-4+squeeze1
[lenny] - vftool 2.0alpha-3+lenny1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923
+ - t1lib <unfixed>
+ NOTE: vuln source file is lib/t1lib/parseAFM.c, which differs slightly from evince's afmparse.c in the affected areas but it is indeed affected
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=643882
CVE-2011-0432 (Multiple SQL injection vulnerabilities in the get_userinfo method in ...)
{DSA-2177-1}
- pywebdav 0.9.4-3
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2012-01-14 16:12:02 UTC (rev 18154)
+++ data/embedded-code-copies 2012-01-14 20:01:43 UTC (rev 18155)
@@ -676,7 +676,10 @@
- tetex-bin 2.0.2-1 (embed)
- texlive-bin <unknown> (embed)
- grace 5.1.14-2 (embed)
- NOTE: Might be fixed even earlier
+ - evince <unfixed> (embed)
+ NOTE: at least parseafm code, maybe more?
+ - vftool <unfixed> (embed)
+ NOTE: just parseafm code it seems
guichan
- boswars <unfixed> (embed)
More information about the Secure-testing-commits
mailing list