[poppler] CVE-2008-2950
Albert Astals Cid
aacid at kde.org
Mon Jul 21 15:21:41 PDT 2008
A Dissabte 19 Juliol 2008, Pino Toscano va escriure:
> Hi,
>
> while randomly digging about Okular and Poppler bugs, I found a Mandriva
> bug: https://qa.mandriva.com/show_bug.cgi?id=42054
> leading to this CVE:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950
> and to a bug on our bugzilla:
> https://bugs.freedesktop.org/show_bug.cgi?id=16601
>
> I think to having fixed it with a serie of commits in master[1],
> poppler-0.8[2] and poppler 0.6[3].
>
> Would be nice it you could check whether all is fine, too.
Thanks man, i was informed before my holiday leave, but i could not add the
patch until they lifted the "confidentiality" to the issue.
I guess we'll have to release a new version soon although it'll have to wait
as i have a critical bugfix to do too.
Albert
>
> Thanks,
>
> [1]
> http://cgit.freedesktop.org/poppler/poppler/commit/?id=3696025977fd345b1276
>7f75a2de6ed7e9467365 [2]
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.8&id=fd0bf8
>b05cb155e2f29df31fa01964b12e710b89 [3]
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.6&id=75ad03
>79fe85330394dd5f77df19f0dfa4fd41b9
More information about the poppler
mailing list