[Secure-testing-team] Re: [Secure-testing-commits] r3297 -
data/CVE
Moritz Muehlenhoff
jmm at inutil.org
Mon Jan 16 11:00:25 UTC 2006
Florian Weimer wrote:
> >> ===================================================================
> >> --- data/CVE/list 2006-01-14 17:00:45 UTC (rev 3296)
> >> +++ data/CVE/list 2006-01-15 12:03:20 UTC (rev 3297)
> >> @@ -2826,6 +2826,7 @@
> >> CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...)
> >> {DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
> >> - poppler 0.4.4-1 (bug #346076)
> >> + - tetex <not-affected> (Links dynamically to poppler)
>
> > Possibly, this is true for the version in unstable, but not testing.
>
> Exactly. This is why you should list the version which started
> linking dynamically against poppler as the "fixed" version. It is
> more or less necessary if there ever will be a DSA released for this
> issue.
There'll be a DSA soon, but I fail to see why this should cause problems.
- foo
is after all nothing more than a short form for
[sid] - foo
Cheers,
Moritz
More information about the Secure-testing-team
mailing list