Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100929175030.GA3560@galadriel.inutil.org>
Date: Wed, 29 Sep 2010 19:50:30 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils,
 FireGPG, Wireshark

Hi,
here's a few more CVE requests for issues in the Debian Security Tracker
without a CVE ID assigned:

1. Poppler (might also affect xpdf and kpdf due to code heritage, not determined yet)
http://secunia.com/advisories/41596/
-> Links to poppler git commits are given in the Secunia link

2. Quassel
http://quassel-irc.org/node/115

3. Pyfribidi
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570068

4. Overkill (this should be a CVE-2009 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549310

5. Emacs mode for reStructuredText (from DocUtils) (this should be a CVE-2009 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560755

6. FireGPG (this should be a CVE-2008 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386
http://securityvulns.com/Udocument757.html

7. Wireshark BER dissector
http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html

Cheers,
        Moritz

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.