oss-sec mailing list archives
Re: Need more information on recent poppler issues
From: Moritz Muehlenhoff <jmm () inutil org>
Date: Tue, 1 Dec 2009 23:18:57 +0100
On Tue, Dec 01, 2009 at 08:37:54AM +0100, Tomas Hoger wrote:
On Mon, 30 Nov 2009 20:08:56 -0500 (EST) "Steven M. Christey" <coley () linus mitre org> wrote:DSA-1941 lists three reserved CVE entries for Poppler issues, but there aren't any more details, which makes it difficult to create CVE descriptions. Specifically, CVE-2009-3906, CVE-2009-3907, and CVE-2009-3908 don't have any details as far as I can tell. Can anybody help?They look like typos to me. That DSA lists 7 CVE-2009-390x CVEs, while it should probably list CVE-2009-3*6*0x ones. CVE-2009-390[345] are public and for unrelated applications.
Yes, that is correct (and has been fixed in the Debian Security Tracker a few days ago: http://security-tracker.debian.org/tracker/source-package/poppler) I blame it on the new console mouse mode in Emacs 23 which broke copy&paste from a different tty with GPM ;-) (Disabling gpm-mouse-mode helps, as I found out later.) Cheers, Moritz
Current thread:
- Need more information on recent poppler issues Steven M. Christey (Nov 30)
- Re: Need more information on recent poppler issues Tomas Hoger (Nov 30)
- Re: Need more information on recent poppler issues Moritz Muehlenhoff (Dec 01)
- Re: Need more information on recent poppler issues Marc Deslauriers (Dec 01)
- Re: Need more information on recent poppler issues Michael Gilbert (Dec 01)
- Re: Need more information on recent poppler issues Tomas Hoger (Nov 30)