[poppler] CVE-2008-2950
Pino Toscano
pino at kde.org
Fri Jul 18 15:35:28 PDT 2008
Hi,
while randomly digging about Okular and Poppler bugs, I found a Mandriva bug:
https://qa.mandriva.com/show_bug.cgi?id=42054
leading to this CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950
and to a bug on our bugzilla:
https://bugs.freedesktop.org/show_bug.cgi?id=16601
I think to having fixed it with a serie of commits in master[1],
poppler-0.8[2] and poppler 0.6[3].
Would be nice it you could check whether all is fine, too.
Thanks,
[1]
http://cgit.freedesktop.org/poppler/poppler/commit/?id=3696025977fd345b12767f75a2de6ed7e9467365
[2]
http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.8&id=fd0bf8b05cb155e2f29df31fa01964b12e710b89
[3]
http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.6&id=75ad0379fe85330394dd5f77df19f0dfa4fd41b9
--
Pino Toscano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freedesktop.org/archives/poppler/attachments/20080719/e164ec6d/attachment.pgp
More information about the poppler
mailing list