Package: poppler Severity: grave Tags: security Hi,
the following vulnerabilities were published for poppler. CVE-2013-1788[0]: invalid memory issues CVE-2013-1789[1]: crash in broken documents CVE-2013-1790[2]: uninitialized memory read Patches are referenced in the Red Hat Bugzilla to the relevant commits. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. Could you check which Debian package versions are affected? (not for all issues, all patches might be relevant). At least for the unitialized memory read issiue the code seems present in stable. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-1788 [1] http://security-tracker.debian.org/tracker/CVE-2013-1789 [2] http://security-tracker.debian.org/tracker/CVE-2013-1790 Please adjust the affected versions in the BTS as needed. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
