> This is an automatic notification regarding your Bug report > which was filed against the poppler package: > > #524806: poppler: multiple vulnerabilities > > It has been closed by Moritz Muehlenhoff <j...@inutil.org>. > On Sun, Apr 19, 2009 at 10:04:52PM -0400, Michael S. Gilbert wrote: >> package: poppler >> severity: grave >> tags: security >> >> hello, >> >> ubuntu recently patched the following poppler issues [0]: >> >> CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, >> CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, >> CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188 > > All these issues are fixed in unstable and Lenny. > > There's only one poppler security still open, for which I'll open a > separate bug.
note that CVE-2009-1187/1188 are not yet fixed in lenny (although they are just insecure uses of gmalloc). their urgency could of course be downgraded (medium now, but i think they could probably be no-dsa). note that my etch patch does include the fixes for these. see [0] for the patches. mike [0] http://bugs.gentoo.org/show_bug.cgi?id=263028 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
