[Secure-testing-commits] r18159 - data/CVE

Yves-Alexis Perez corsac at alioth.debian.org
Sat Jan 14 20:50:58 UTC 2012


Author: corsac
Date: 2012-01-14 20:50:58 +0000 (Sat, 14 Jan 2012)
New Revision: 18159

Modified:
   data/CVE/list
Log:
mark CVE-2011-155{2,3,4} as fixed by t1lib 5.1.2-3.3 

(according to https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-14 20:46:19 UTC (rev 18158)
+++ data/CVE/list	2012-01-14 20:50:58 UTC (rev 18159)
@@ -11445,15 +11445,18 @@
 CVE-2010-4778 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	TODO: check
 CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before ...)
-	- t1lib <unfixed>
+	- t1lib 5.1.2-3.1
+	NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
 	- xpdf 3.02-9
 	- poppler <not-affected> (never used t1lib)
 CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in ...)
-	- t1lib <unfixed>
+	- t1lib 5.1.2-3.1
+	NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
 	- xpdf 3.02-9
 	- poppler <not-affected> (never used t1lib)
 CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other ...)
-	- t1lib <unfixed>
+	- t1lib 5.1.2-3.1
+	NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
 	- xpdf 3.02-9
 	- poppler <not-affected> (never used t1lib)
 CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...)




More information about the Secure-testing-commits mailing list