19664 2009-04-18 14:36:14 +0400 JBIG2 Processing Multiple Security Vulnerabilities 2009-04-29 14:14:56 +0400 1 1 4 Development Sisyphus poppler unstable all Linux CLOSED FIXED http://www.securityfocus.com/bid/34568 security P3 blocker --- 1 crux zerg dottedmag zerg qa-sisyphus oldest_to_newest 89661 0 crux 2009-04-18 14:36:14 +0400 CVE-2009-0799 xpdf OOB Read CVE-2009-0800 xpdf Multiple Input Validation Flaws CVE-2009-1179 xpdf Integer Overflow CVE-2009-1180 xpdf Invalid free() CVE-2009-1181 xpdf NULL dereference DoS CVE-2009-1182 xpdf MMR Decoder Buffer Overflows CVE-2009-1183 xpdf MMR Infinite Loop DoS Апстримом выпущена новая версия 0.10.6 poppler, исправляющая эти проблемы 89662 1 dottedmag 2009-04-18 14:37:27 +0400 security -> blo 89768 2 crux 2009-04-20 17:05:39 +0400 Сделал у себя ветку security_fixes, где развернул 0.10.6: http://git.altlinux.org/people/crux/packages/?p=poppler.git;a=commit;h=5b029c84e30f2028faa4e376e61c79875ae37833 89821 3 zerg 2009-04-21 12:05:59 +0400 poppler-0.10.6-alt2 89896 4 crux 2009-04-22 16:42:42 +0400 ack