oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request : poppler < 0.13.0

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 15 Oct 2013 23:50:08 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/14/2013 06:38 AM, Marcus Meissner wrote:

Hi,

Kurt? Could you assign a CVE please?

SUSE is affected by this in SLE11.

Ciao, Marcus On Wed, Sep 18, 2013 at 09:53:33AM +0200, etienne
wrote: Hi, I'd like to request a CVE number for the following
issue 
http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8

 The bug has been fixed in poppler 0.13.3, back in 2010, though it
is still present and exploitable in several distributions.

Thanks,

Etienne


Please use CVE-2010-5110 for this issue. Apologies, we had
Thanksgiving so I was out for a few days.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSXikPAAoJEBYNRVNeJnmToJkQANAi0Hz6HxDvwrK6MshUbrLj
JmL9s4uZKni8eiVFVxmx30Kwrmct9guWebm9nyMs8Zjw+nOX8tyfXB2UJt4klyYi
wb8UruqBWmOg329DYKWV0NgQ09V9e2mCOiW6Fjl0DPnRVipr3H55mvvQi4nQhgAA
NU3QcJ93eFJeXZInav+1kaG3qz0/qUDiV+IPClscEYNG0IuC5fAbGYqUsKiZbkrq
2+1mdoiTSTv7GIcYcr5l4bUaR/0c/smZKeobDHByNeGgPQZy7KYrD26U4cL+Jl+E
Sv6On2eNkSnZjnLBJPuVAv5dZfRG77kgGxSY65emaukCWq9yRnNnL1KSG1hHbD48
ya18BJmOrDBWdCDcReVW1kPK6fMkS8hmnaZEprKVHjJLslP9qTLBPqbNTaUx81n3
OkNLCRlxaGOOi0njeZ4gY+hy5ccMcYuz5TFwKsXIXSrc0EdFtZSdyOsbUw9TRAI1
5TWpCfjJ2q+tQolTCbPOx2AzrNeoLRCM9VFyESSO89VndCPdZd+809C8mlcjWjnk
ikfFRDXjqu8M5hvZMGs0fsKtNJejFepvbCbgaquAZ1+o20Gwv2I2KQLLCH9M5vNJ
H6jvw1MawDrzQUNZpwDZD4slpU9l4PJNa4XF4ds67A0hS/fWxtInd/EdXvzxuMiS
/h5MK4NPZICoIga0vccG
=vyNv
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: