[poppler] CVE-2009-0146/0147/0166

Michael S Gilbert michael.s.gilbert at gmail.com
Sat Aug 1 00:30:21 PDT 2009


I am triaging the subject CVEs in debian.  Do you have any info or
links to patches for these CVEs?  Gentoo's [1] and Ubuntu's [2] patch
sets claim to address these, but it is not entirely clear that this is
the case (they did not associate the CVE numbers with their code
changes and there are no patch sets linked from mitre to verify
against). Thank you for any info you can provide.


[1] http://bugs.gentoo.org/show_bug.cgi?id=263028
[2] http://patches.ubuntu.com/by-release/extracted/intrepid-security/p/poppler/0.8.7-1ubuntu0.2/64_security_jbig2.patch

More information about the poppler mailing list