oss-sec mailing list archives

Re: CVE Request : poppler < 0.13.0

From: Marcus Meissner <meissner () suse de>
Date: Mon, 14 Oct 2013 14:38:33 +0200

Hi,

Kurt? Could you assign a CVE please?

SUSE is affected by this in SLE11.

Ciao, Marcus
On Wed, Sep 18, 2013 at 09:53:33AM +0200, etienne wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
I'd like to request a CVE number for the following issue
http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8

The bug has been fixed in poppler 0.13.3, back in 2010, though it is
still present and exploitable in several distributions.

Thanks,

Etienne
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlI5W/cACgkQCRpgAcXwxOcbEQCgoa8IZSrKjVjEfJRXBBLcNpom
mggAmQGZmKXz/5eYy5JVETtWxVB/rH4Y
=uavz
-----END PGP SIGNATURE-----

pub  1024D/C5F0C4E7 2013-03-05 Etienne Helluy-Lafont <etiennehelluy () gmail com>
sub  1024g/A2EAC3E7 2013-03-05 [verfällt: 2014-12-30]

Current thread:

Re: CVE Request : poppler < 0.13.0 Marcus Meissner (Oct 14)
- Re: CVE Request : poppler < 0.13.0 Kurt Seifried (Oct 15)