Date: Tue, 1 Dec 2009 23:18:57 +0100 From: Moritz Muehlenhoff <jmm@...til.org> To: oss-security@...ts.openwall.com Cc: coley@...us.mitre.org Subject: Re: Need more information on recent poppler issues On Tue, Dec 01, 2009 at 08:37:54AM +0100, Tomas Hoger wrote: > On Mon, 30 Nov 2009 20:08:56 -0500 (EST) "Steven M. Christey" > <coley@...us.mitre.org> wrote: > > > > > DSA-1941 lists three reserved CVE entries for Poppler issues, but there > > aren't any more details, which makes it difficult to create CVE > > descriptions. Specifically, CVE-2009-3906, CVE-2009-3907, and > > CVE-2009-3908 don't have any details as far as I can tell. > > > > Can anybody help? > > They look like typos to me. That DSA lists 7 CVE-2009-390x CVEs, while > it should probably list CVE-2009-3*6*0x ones. CVE-2009-390 are > public and for unrelated applications. Yes, that is correct (and has been fixed in the Debian Security Tracker a few days ago: http://security-tracker.debian.org/tracker/source-package/poppler) I blame it on the new console mouse mode in Emacs 23 which broke copy&paste from a different tty with GPM ;-) (Disabling gpm-mouse-mode helps, as I found out later.) Cheers, Moritz
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ