var-200904-0818
Vulnerability from variot
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. Xpdf is an open source viewer for Portable Document Format (PDF) files. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: cups
Announcement ID: SUSE-SA:2009:024
Date: Wed, 22 Apr 2009 13:00:00 +0000
Affected Products: openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE SLES 9
Novell Linux Desktop 9
Open Enterprise Server
Novell Linux POS 9
SUSE Linux Enterprise Desktop 10 SP2
SUSE Linux Enterprise Server 10 SP2
SLE 11
Vulnerability Type: remote code execution
Severity (1-10): 8 (critical)
SUSE Default Package: yes
Cross-References: CVE-2009-0146, CVE-2009-0147, CVE-2009-0163
CVE-2009-0165, CVE-2009-0166, CVE-2009-0799
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180
CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
Content of This Advisory:
1) Security Vulnerability Resolved:
fixed remotely exploitable overflows
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
The Common Unix Printing System, CUPS, is a printing server for unix-like operating systems. It allows a local user to print documents as well as remote users via port 631/tcp.
There were two security vulnerabilities fixed in cups.
The first one can be triggered by a specially crafted tiff file. This
file could lead to an integer overflow in the 'imagetops' filter which caused an heap overflow later. This bug is probably exploitable remotely by users having remote access to the CUPS server and allows the execution of arbitrary code with the privileges of the cupsd process. (CVE-2009-0163)
The second issue affects the JBIG2 decoding of the 'pdftops' filter.
The JBIG2 decoding routines are vulnerable to various software failure types like integer and buffer overflows and it is believed to be exploit- able remotely to execute arbitrary code with the privileges of the cupsd process. (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183)
2) Solution or Work-Around
none
3) Special Instructions and Notes
none
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing
x86 Platform:
openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm
openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm
Power PC Platform:
openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm
openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm
x86-64 Platform:
openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm
openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm
Sources:
openSUSE 11.1: http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm
openSUSE 11.0: http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
Open Enterprise Server http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SLES 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLED 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLE 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLES 11 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing
with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made
using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de" where
is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing
with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSe8qrney5gA9JdPZAQI4aQf/e938Hr+O1QYi9y5cm9ycOcaFHWx0oZED yyOc4lUYZrb7qjmErPHfpoMR9c2XZlmESwKY0RZjddxe+vINDrOcMuI4nrp12ObP uYvSAAz3xgpXzVtW5B/90ihHJAqHAnwOsdO8adt6PtKCt7T2gMPuQV0RSz3BRy// qtBHDNyTBRPK7ex/YKUyQAbNENQUa3r9BaHpTHWjscfCoQch4Wz5hmLKv/n7eYdj CFetsr6zu3hn3isKD8EPTIMbkpaYBMxp53UnNiRmVRy0Gb7zlBz5ByYQaYY+YKf/ OZ+ZHRTuDsNbAT03QtkvML3yqr3Yobb39DFa+cSsH2c9xTdwWdzSAg== =ZnS5 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-759-1 April 16, 2009 poppler vulnerabilities CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpoppler1 0.5.1-0ubuntu7.5 libpoppler1-glib 0.5.1-0ubuntu7.5
Ubuntu 8.04 LTS: libpoppler-glib2 0.6.4-1ubuntu3.2 libpoppler2 0.6.4-1ubuntu3.2
Ubuntu 8.10: libpoppler-glib3 0.8.7-1ubuntu0.2 libpoppler3 0.8.7-1ubuntu0.2
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that poppler contained multiple security issues in its JBIG2 decoder. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
Additionally the kdegraphics package was rebuild to make kdegraphics-kpdf link correctly to the new poppler libraries and are also provided.
The updated poppler packages have upgraded to 0.5.4 and have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
Updated Packages:
Corporate 4.0: dea66bbd492f22ba623f36ae0102b339 corporate/4.0/i586/kdegraphics-3.5.4-0.11.20060mlcs4.i586.rpm eaacb79881584083d5681e79c0ec1e46 corporate/4.0/i586/kdegraphics-common-3.5.4-0.11.20060mlcs4.i586.rpm a960ae38707f543c53ac96fb856da981 corporate/4.0/i586/kdegraphics-kcolorchooser-3.5.4-0.11.20060mlcs4.i586.rpm 672a722cb91868a93a8ff3138055353e corporate/4.0/i586/kdegraphics-kcoloredit-3.5.4-0.11.20060mlcs4.i586.rpm 832787af5c0d252273449282fa6e7c01 corporate/4.0/i586/kdegraphics-kdvi-3.5.4-0.11.20060mlcs4.i586.rpm affd706478ba572240b1c3fb3a40d456 corporate/4.0/i586/kdegraphics-kfax-3.5.4-0.11.20060mlcs4.i586.rpm b53883590e3543b0d015e966085d6b2e corporate/4.0/i586/kdegraphics-kghostview-3.5.4-0.11.20060mlcs4.i586.rpm 297eec12d7f21cd3fc71220ee0ff50e9 corporate/4.0/i586/kdegraphics-kiconedit-3.5.4-0.11.20060mlcs4.i586.rpm 70006017b4ec0bb49029781cb36689b0 corporate/4.0/i586/kdegraphics-kolourpaint-3.5.4-0.11.20060mlcs4.i586.rpm 269129214d07cb094a62f569baea8e00 corporate/4.0/i586/kdegraphics-kooka-3.5.4-0.11.20060mlcs4.i586.rpm 29129e310c15b3865112b16a6eb109a7 corporate/4.0/i586/kdegraphics-kpdf-3.5.4-0.11.20060mlcs4.i586.rpm 1a0bde06b6f6a9af7b18ef7ac514a152 corporate/4.0/i586/kdegraphics-kpovmodeler-3.5.4-0.11.20060mlcs4.i586.rpm bd5423a1a421242ac066f324eb733f42 corporate/4.0/i586/kdegraphics-kruler-3.5.4-0.11.20060mlcs4.i586.rpm 1fe20d0c673fe1e3ddcd60afd4e5d473 corporate/4.0/i586/kdegraphics-ksnapshot-3.5.4-0.11.20060mlcs4.i586.rpm cae59cdcc9ea7dba41aad24d184cafaa corporate/4.0/i586/kdegraphics-ksvg-3.5.4-0.11.20060mlcs4.i586.rpm e8d0add657152f6a834d6d6dd58e02fe corporate/4.0/i586/kdegraphics-kuickshow-3.5.4-0.11.20060mlcs4.i586.rpm 5a829be0326888b9613acc993744c39f corporate/4.0/i586/kdegraphics-kview-3.5.4-0.11.20060mlcs4.i586.rpm 9bd1814ef1a568f897fe0b0692404bb6 corporate/4.0/i586/kdegraphics-mrmlsearch-3.5.4-0.11.20060mlcs4.i586.rpm 7cf01837d3681fb41c501c11ea8ab030 corporate/4.0/i586/libkdegraphics0-common-3.5.4-0.11.20060mlcs4.i586.rpm 6a29cdda3b4a4f0cd45b041cd8bf6b50 corporate/4.0/i586/libkdegraphics0-common-devel-3.5.4-0.11.20060mlcs4.i586.rpm 82663a9f72adc820a7de1759e63a4d69 corporate/4.0/i586/libkdegraphics0-kghostview-3.5.4-0.11.20060mlcs4.i586.rpm 0fd075cd510d1b935757781b22af1c80 corporate/4.0/i586/libkdegraphics0-kghostview-devel-3.5.4-0.11.20060mlcs4.i586.rpm 483056e6a21a7df3bf29ec60dcb742c9 corporate/4.0/i586/libkdegraphics0-kooka-3.5.4-0.11.20060mlcs4.i586.rpm 0bef434eda416daeb73c9a5b63d16c4b corporate/4.0/i586/libkdegraphics0-kooka-devel-3.5.4-0.11.20060mlcs4.i586.rpm 2903f1630b5ab746265f122e1b361b59 corporate/4.0/i586/libkdegraphics0-kpovmodeler-3.5.4-0.11.20060mlcs4.i586.rpm 9ab4acd2409f30fa9d44bd93a46d31dd corporate/4.0/i586/libkdegraphics0-kpovmodeler-devel-3.5.4-0.11.20060mlcs4.i586.rpm 2e398a8d7c54070f9bfd97d5f11a25f5 corporate/4.0/i586/libkdegraphics0-ksvg-3.5.4-0.11.20060mlcs4.i586.rpm 0c05af96ff0515c79f68ccf230a80b19 corporate/4.0/i586/libkdegraphics0-ksvg-devel-3.5.4-0.11.20060mlcs4.i586.rpm 8ece732e8d172ee1a9c9acd6ed5a6842 corporate/4.0/i586/libkdegraphics0-kview-3.5.4-0.11.20060mlcs4.i586.rpm ac8518e4d52be4a05d721c6aaa6e8c32 corporate/4.0/i586/libkdegraphics0-kview-devel-3.5.4-0.11.20060mlcs4.i586.rpm 6e8776ceba1e89c7d4c9f8535c83321e corporate/4.0/i586/libpoppler1-0.5.4-0.1.20060mlcs4.i586.rpm f62ca0bb896da6f7e276fdcc2ce9ab1d corporate/4.0/i586/libpoppler1-devel-0.5.4-0.1.20060mlcs4.i586.rpm c5ceadf8331ef8066935e3e962e90544 corporate/4.0/i586/libpoppler-qt1-0.5.4-0.1.20060mlcs4.i586.rpm 2e9ddef72271e5f6e393d378f96edab4 corporate/4.0/i586/libpoppler-qt1-devel-0.5.4-0.1.20060mlcs4.i586.rpm 3972be61f01933a4803656eac7de5b19 corporate/4.0/i586/poppler-0.5.4-0.1.20060mlcs4.i586.rpm 88983ff8ae37983c60c7a5b4637a6b00 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.11.20060mlcs4.src.rpm 4fb8f13d956af237eb9b1b258fc3f248 corporate/4.0/SRPMS/poppler-0.5.4-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 614466bad3bbb8fd4d1a231221b4a6cc corporate/4.0/x86_64/kdegraphics-3.5.4-0.11.20060mlcs4.x86_64.rpm e9437cd560f5f48fd2b97939393386a7 corporate/4.0/x86_64/kdegraphics-common-3.5.4-0.11.20060mlcs4.x86_64.rpm 5121ccdc4cdd2cd6b84e53bc00d98f0b corporate/4.0/x86_64/kdegraphics-kcolorchooser-3.5.4-0.11.20060mlcs4.x86_64.rpm 13dc7c9f2397a179aee58b5bf10b072c corporate/4.0/x86_64/kdegraphics-kcoloredit-3.5.4-0.11.20060mlcs4.x86_64.rpm 53b353e9edfa33d34eee360bedae5ca9 corporate/4.0/x86_64/kdegraphics-kdvi-3.5.4-0.11.20060mlcs4.x86_64.rpm a4f4ff609d07d18896e88818aa46d6f0 corporate/4.0/x86_64/kdegraphics-kfax-3.5.4-0.11.20060mlcs4.x86_64.rpm eafbd23da8d057bf5177bf7d87127ea9 corporate/4.0/x86_64/kdegraphics-kghostview-3.5.4-0.11.20060mlcs4.x86_64.rpm a17791eaa9316c418e39522d4e54783e corporate/4.0/x86_64/kdegraphics-kiconedit-3.5.4-0.11.20060mlcs4.x86_64.rpm a37ca8e2f7cf7fe61be675ec9c26305f corporate/4.0/x86_64/kdegraphics-kolourpaint-3.5.4-0.11.20060mlcs4.x86_64.rpm d8e992f1dab0041f9d20457d4eaec6bd corporate/4.0/x86_64/kdegraphics-kooka-3.5.4-0.11.20060mlcs4.x86_64.rpm 27c123a5d099ec3fe22d2b919dbc5510 corporate/4.0/x86_64/kdegraphics-kpdf-3.5.4-0.11.20060mlcs4.x86_64.rpm aab1c67de88efae3ae1d8e5d30698c2d corporate/4.0/x86_64/kdegraphics-kpovmodeler-3.5.4-0.11.20060mlcs4.x86_64.rpm 2e09a8fc4f383539074e2799c4a97ba1 corporate/4.0/x86_64/kdegraphics-kruler-3.5.4-0.11.20060mlcs4.x86_64.rpm d54670b3dfdfa7f8045129a64e514a07 corporate/4.0/x86_64/kdegraphics-ksnapshot-3.5.4-0.11.20060mlcs4.x86_64.rpm c82b9ebc34696168c5e65ce87f2a9a67 corporate/4.0/x86_64/kdegraphics-ksvg-3.5.4-0.11.20060mlcs4.x86_64.rpm fbe3f19d25447527d338b042cfa5fe60 corporate/4.0/x86_64/kdegraphics-kuickshow-3.5.4-0.11.20060mlcs4.x86_64.rpm afeb446e4eaec5f10fbdd2329381b8c0 corporate/4.0/x86_64/kdegraphics-kview-3.5.4-0.11.20060mlcs4.x86_64.rpm 5f59c3ee24f3b920ab8c626674f9a60e corporate/4.0/x86_64/kdegraphics-mrmlsearch-3.5.4-0.11.20060mlcs4.x86_64.rpm acbb79f250a649d105966639998bcaf5 corporate/4.0/x86_64/lib64kdegraphics0-common-3.5.4-0.11.20060mlcs4.x86_64.rpm 1ba152d082f731577401d66ef96935ad corporate/4.0/x86_64/lib64kdegraphics0-common-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm 55a6e9901a3a210441a8682e415aa742 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-3.5.4-0.11.20060mlcs4.x86_64.rpm ba9753d41cd38b3cd483aa42a153fe23 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm 26dcfaa91467f532d78f7c324c1dcdf5 corporate/4.0/x86_64/lib64kdegraphics0-kooka-3.5.4-0.11.20060mlcs4.x86_64.rpm 92e971cba13d97b3abdc7a98dc0df258 corporate/4.0/x86_64/lib64kdegraphics0-kooka-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm 4389a06ba0ac3526f17a429010add510 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-3.5.4-0.11.20060mlcs4.x86_64.rpm 280fd79e9cdc88fdb0914ef159d3f0cf corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm c45e9900d456b7d593312acb99b94145 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-3.5.4-0.11.20060mlcs4.x86_64.rpm 172d4b0334dc7b3c00df5d2e30f1e1c9 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm a3d6df24532cc486c8e3c94f83a901ad corporate/4.0/x86_64/lib64kdegraphics0-kview-3.5.4-0.11.20060mlcs4.x86_64.rpm 77760b8881b8ac95d717585e1bc99869 corporate/4.0/x86_64/lib64kdegraphics0-kview-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm 9fb716fd221e76a32560ecb1c6f3f645 corporate/4.0/x86_64/lib64poppler1-0.5.4-0.1.20060mlcs4.x86_64.rpm 15f410a2adba4b06b3a89982b0ecddcf corporate/4.0/x86_64/lib64poppler1-devel-0.5.4-0.1.20060mlcs4.x86_64.rpm 6fea5cfe8ef1c14faaf1a9f507150412 corporate/4.0/x86_64/lib64poppler-qt1-0.5.4-0.1.20060mlcs4.x86_64.rpm ba25ff0acd3d67f493c40e577edacefb corporate/4.0/x86_64/lib64poppler-qt1-devel-0.5.4-0.1.20060mlcs4.x86_64.rpm bc1572dceb3f6f4592a4a881a069a4b4 corporate/4.0/x86_64/poppler-0.5.4-0.1.20060mlcs4.x86_64.rpm 88983ff8ae37983c60c7a5b4637a6b00 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.11.20060mlcs4.src.rpm 4fb8f13d956af237eb9b1b258fc3f248 corporate/4.0/SRPMS/poppler-0.5.4-0.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. (CVE-2009-0165). NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-3608, CVE-2009-3609)
This update corrects the problems.
Background
Poppler is a cross-platform PDF rendering library originally based on Xpdf. Please review the CVE identifiers referenced below for details. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200904-20
http://security.gentoo.org/
Severity: Normal Title: CUPS: Multiple vulnerabilities Date: April 23, 2009 Bugs: #263070 ID: 200904-20
Synopsis
Multiple errors in CUPS might allow for the remote execution of arbitrary code or DNS rebinding attacks.
Background
CUPS, the Common Unix Printing System, is a full-featured print server.
-
Aaron Siegel of Apple Product Security reported that the CUPS web interface does not verify the content of the "Host" HTTP header properly (CVE-2009-0164).
-
Braden Thomas and Drew Yao of Apple Product Security reported that CUPS is vulnerable to CVE-2009-0146, CVE-2009-0147 and CVE-2009-0166, found earlier in xpdf and poppler. Furthermore, the web interface could be used to conduct DNS rebinding attacks.
Workaround
There is no known workaround at this time.
Resolution
All CUPS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.3.10"
References
[ 1 ] CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 [ 2 ] CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 [ 3 ] CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 [ 4 ] CVE-2009-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164 [ 5 ] CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200904-20.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
For the old stable distribution (etch), these problems have been fixed in version 3.01-9.1+etch6.
For the stable distribution (lenny), these problems have been fixed in version 3.02-1.4+lenny1.
For the unstable distribution (sid), these problems will be fixed in a forthcoming version.
We recommend that you upgrade your xpdf packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Debian GNU/Linux 5.0 alias lenny
Debian (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc Size/MD5 checksum: 974 9c04059981f8b036d7e6e39c7f0aeb21 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz Size/MD5 checksum: 46835 c69a67b9ff487403e7c3ff819c6ff734 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz Size/MD5 checksum: 599778 e004c69c7dddef165d768b1362b44268
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb Size/MD5 checksum: 62834 dd8f37161c3b2430cb1cd65c911e9f86 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb Size/MD5 checksum: 1278 d6da8e00b02ab3f17ec44b90fff6bb30
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 920352 83b7d74d9ebae9b26da91de7c91d3502 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 1687294 9862913548fff9bfda37a6fe075df5b0
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 809202 171520d7642019943bfe7166876f5da5 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 1493308 9575f135e9ec312f9e6d7d2517dd8f5b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 803714 6db06ffcba7f6d7576ed356e7989557d http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 1468616 9afde01dda379acd4e7edfbccc7c7b2d
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 1773794 c9012a9d3919ec40dcea1264ac27a6fe http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 963060 565daaf6f15ff7593d560ef7a2f94364
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 796992 5270bef04f1c2e924b813dffe6050d89 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 1458826 b2f3cbaac0ffcce0bb8d7e656bf11b02
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 1217142 afeaf9bfc66ebb69767703bfb30bbd4c http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 2218472 6545e9b6f58a84c0daa76baa8a0db629
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 946638 5323268be89e54c5c8eb7ae13f0eab14 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 1721268 0b710c0bcc6ffefe29f683ab09d3cbe8
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 1554798 eadd6236b778761086d436dd8db986e4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 849204 d22f5d59f03d6484e149d7536a25a517
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 1401814 0e3f588c64e8fa9a102ebcae29c4d807 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 767392 4b7c1a868f2f909c2dce25087da77817
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 1394680 8b17e2339e2a908a610271eb678495b1 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 763618 f3897333018702ee926e41ca5f58dc92
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc Size/MD5 checksum: 1266 faeebc4dfc74129ca708a6345bb483f7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz Size/MD5 checksum: 42280 362f72e95494f51a19eeb898b9a527ac
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 67664 b5f063bf32cbeaf1aaeec315dc8aff0a http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 1268 f67780458dac3c38cd59bfde186f9a3b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1896344 f65f591413c25a23ea2aaccba2b5b634 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1018434 cb679c93bbc428ea852bd4ef3103e42d
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 1709514 1e1277251a6dd0bb0a551997efd39175 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 921892 fb7de1db5e3885365c3ad74c3646ab57
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 1667088 58ddefe40598d6fe4a5016145163ef45 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 907908 881594298fe547cefa3d528c519d369f
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 886242 51d55f7c4de41c5d4051f41fde9b7389 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 1602392 bc996edfad6d1995cb4ef2f4c7760b51
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1076286 fa3ac4a1001abf3e892bb1397b06ff17 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1985520 e95263d094e2c8d6aa72ee1edb9105f3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 876656 441042932886fa29adae731338f6b5bd http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 1611730 52516381da25dbb0c1145e2b7cdf692a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 1380222 0ffaee560534c9d69df433340679c8fc http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 2519970 eb4f4e5c173557fa8ae713f123cbb193
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1894924 58b336b114ef5c8fb9fc6244411b4cf4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1040834 ae8ed06ea2ed07e3a064c6bd28e80933
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1026954 eac8167230b8fa208cdbc5b196f0c624 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1872050 8f2e99ce5a102d099ba22543f246d5bd
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 1788584 7d1466cc8770bd92f299c1cc772f64e7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 968838 7cc8568d6b74348300066e42b27f90c2
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 871666 1dde93a4cc0a28b90f92c05f0d181079 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 1598270 201ad07e4853843dce22f22daa41fd35
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 863662 446f2d8fe6483d3741648c4db1ff5b82 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 1586262 52861c00f406c35db8a6e6f3269cc37d
These files will probably be moved into the stable distribution on its next update
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200904-0818",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.4"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.5"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10-1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.7"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.00"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.19"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.7"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.8"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.3"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92b"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.8"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.10"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.92"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.18"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "1.00a"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.4"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93b"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.01"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.9"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.10"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-3"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93a"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.01"
},
{
"model": "cups",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.9"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92e"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.22"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.7"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "1.01"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.93"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.6"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.7"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.03"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.91a"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.00"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.14"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.17"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.16"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92a"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.21"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.6"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.20"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.15"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.6"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.5a"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-2"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.91b"
},
{
"model": "xpdfreader",
"scope": "lte",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.02"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.80"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.11"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.8"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93c"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "1.00"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.12"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92d"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.11"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.13"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.91"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.12"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.3"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.7a"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92c"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.23"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.91c"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.90"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.5"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9-1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.11"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.02"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mandriva",
"sources": [
{
"db": "PACKETSTORM",
"id": "89072"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "77104"
},
{
"db": "PACKETSTORM",
"id": "82087"
}
],
"trust": 0.4
},
"cve": "CVE-2009-0147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-37593",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-0147",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-0147",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-37593",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2009-0147",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37593"
},
{
"db": "VULMON",
"id": "CVE-2009-0147"
},
{
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. Xpdf is an open source viewer for Portable Document Format (PDF) files. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: cups\n Announcement ID: SUSE-SA:2009:024\n Date: Wed, 22 Apr 2009 13:00:00 +0000\n Affected Products: openSUSE 10.3\n openSUSE 11.0\n openSUSE 11.1\n SUSE SLES 9\n Novell Linux Desktop 9\n Open Enterprise Server\n Novell Linux POS 9\n SUSE Linux Enterprise Desktop 10 SP2\n SUSE Linux Enterprise Server 10 SP2\n SLE 11\n Vulnerability Type: remote code execution\n Severity (1-10): 8 (critical)\n SUSE Default Package: yes\n Cross-References: CVE-2009-0146, CVE-2009-0147, CVE-2009-0163\n CVE-2009-0165, CVE-2009-0166, CVE-2009-0799\n CVE-2009-0800, CVE-2009-1179, CVE-2009-1180\n CVE-2009-1181, CVE-2009-1182, CVE-2009-1183\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n fixed remotely exploitable overflows\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n The Common Unix Printing System, CUPS, is a printing server for unix-like\n operating systems. It allows a local user to print documents as well as\n remote users via port 631/tcp. \n\n There were two security vulnerabilities fixed in cups. \n\n The first one can be triggered by a specially crafted tiff file. This \n file could lead to an integer overflow in the \u0027imagetops\u0027 filter which \n caused an heap overflow later. \n This bug is probably exploitable remotely by users having remote access\n to the CUPS server and allows the execution of arbitrary code with the\n privileges of the cupsd process. (CVE-2009-0163)\n\n The second issue affects the JBIG2 decoding of the \u0027pdftops\u0027 filter. \n The JBIG2 decoding routines are vulnerable to various software failure\n types like integer and buffer overflows and it is believed to be exploit-\n able remotely to execute arbitrary code with the privileges of the cupsd\n process. \n (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799,\n CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182,\n CVE-2009-1183)\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n none\n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n Online Update (YOU) tool. YOU detects which updates are required and\n automatically performs the necessary steps to verify and install them. \n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n \n x86 Platform:\n \n openSUSE 11.1:\n http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm\n http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm\n http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm\n http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm\n \n Power PC Platform:\n \n openSUSE 11.1:\n http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm\n \n x86-64 Platform:\n \n openSUSE 11.1:\n http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm\n \n Sources:\n \n openSUSE 11.1:\n http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm\n \n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n Open Enterprise Server\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n Novell Linux POS 9\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n Novell Linux Desktop 9\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n SUSE SLES 9\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n SUSE Linux Enterprise Server 10 SP2\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=a777264f13a7d9d882a7d024d831be1f\n \n SUSE Linux Enterprise Desktop 10 SP2\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=a777264f13a7d9d882a7d024d831be1f\n \n SLES 11\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n \n SLED 11\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n \n SLE 11\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n \n SLES 11 DEBUGINFO\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n- -----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.4.2 (GNU/Linux)\n\nmQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA\nBqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz\nJR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh\n1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U\nP7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+\ncZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg\nVGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b\nyHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7\ntQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ\nxG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63\nOm8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo\nchoXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI\nBkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u\nv/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+\nx9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0\nIx30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq\nMkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2\nsaqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o\nL0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU\nF7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS\nFQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW\ntp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It\nKlj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF\nAjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+\n3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk\nYS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP\n+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR\n8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U\n8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S\ncZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh\nELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB\nUVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo\nAqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n\nKFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi\nBBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro\nnIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg\nKL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx\nyoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn\nB/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV\nwM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh\nUzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF\n5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3\nD3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu\nzgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd\n9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi\na5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13\nCNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp\n271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE\nt5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG\nB/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw\nrbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt\nIJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL\nrWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H\nRKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa\ng8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA\nCspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO\n=ypVs\n- -----END PGP PUBLIC KEY BLOCK-----\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSe8qrney5gA9JdPZAQI4aQf/e938Hr+O1QYi9y5cm9ycOcaFHWx0oZED\nyyOc4lUYZrb7qjmErPHfpoMR9c2XZlmESwKY0RZjddxe+vINDrOcMuI4nrp12ObP\nuYvSAAz3xgpXzVtW5B/90ihHJAqHAnwOsdO8adt6PtKCt7T2gMPuQV0RSz3BRy//\nqtBHDNyTBRPK7ex/YKUyQAbNENQUa3r9BaHpTHWjscfCoQch4Wz5hmLKv/n7eYdj\nCFetsr6zu3hn3isKD8EPTIMbkpaYBMxp53UnNiRmVRy0Gb7zlBz5ByYQaYY+YKf/\nOZ+ZHRTuDsNbAT03QtkvML3yqr3Yobb39DFa+cSsH2c9xTdwWdzSAg==\n=ZnS5\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-759-1 April 16, 2009\npoppler vulnerabilities\nCVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799,\nCVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181,\nCVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpoppler1 0.5.1-0ubuntu7.5\n libpoppler1-glib 0.5.1-0ubuntu7.5\n\nUbuntu 8.04 LTS:\n libpoppler-glib2 0.6.4-1ubuntu3.2\n libpoppler2 0.6.4-1ubuntu3.2\n\nUbuntu 8.10:\n libpoppler-glib3 0.8.7-1ubuntu0.2\n libpoppler3 0.8.7-1ubuntu0.2\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nWill Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that\npoppler contained multiple security issues in its JBIG2 decoder. NOTE: some of these details are obtained\n from third party information. NOTE: this issue reportedly exists\n because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603). \n \n Additionally the kdegraphics package was rebuild to make\n kdegraphics-kpdf link correctly to the new poppler libraries and are\n also provided. \n \n The updated poppler packages have upgraded to 0.5.4 and have been\n patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n _______________________________________________________________________\n\n Updated Packages:\n\n Corporate 4.0:\n dea66bbd492f22ba623f36ae0102b339 corporate/4.0/i586/kdegraphics-3.5.4-0.11.20060mlcs4.i586.rpm\n eaacb79881584083d5681e79c0ec1e46 corporate/4.0/i586/kdegraphics-common-3.5.4-0.11.20060mlcs4.i586.rpm\n a960ae38707f543c53ac96fb856da981 corporate/4.0/i586/kdegraphics-kcolorchooser-3.5.4-0.11.20060mlcs4.i586.rpm\n 672a722cb91868a93a8ff3138055353e corporate/4.0/i586/kdegraphics-kcoloredit-3.5.4-0.11.20060mlcs4.i586.rpm\n 832787af5c0d252273449282fa6e7c01 corporate/4.0/i586/kdegraphics-kdvi-3.5.4-0.11.20060mlcs4.i586.rpm\n affd706478ba572240b1c3fb3a40d456 corporate/4.0/i586/kdegraphics-kfax-3.5.4-0.11.20060mlcs4.i586.rpm\n b53883590e3543b0d015e966085d6b2e corporate/4.0/i586/kdegraphics-kghostview-3.5.4-0.11.20060mlcs4.i586.rpm\n 297eec12d7f21cd3fc71220ee0ff50e9 corporate/4.0/i586/kdegraphics-kiconedit-3.5.4-0.11.20060mlcs4.i586.rpm\n 70006017b4ec0bb49029781cb36689b0 corporate/4.0/i586/kdegraphics-kolourpaint-3.5.4-0.11.20060mlcs4.i586.rpm\n 269129214d07cb094a62f569baea8e00 corporate/4.0/i586/kdegraphics-kooka-3.5.4-0.11.20060mlcs4.i586.rpm\n 29129e310c15b3865112b16a6eb109a7 corporate/4.0/i586/kdegraphics-kpdf-3.5.4-0.11.20060mlcs4.i586.rpm\n 1a0bde06b6f6a9af7b18ef7ac514a152 corporate/4.0/i586/kdegraphics-kpovmodeler-3.5.4-0.11.20060mlcs4.i586.rpm\n bd5423a1a421242ac066f324eb733f42 corporate/4.0/i586/kdegraphics-kruler-3.5.4-0.11.20060mlcs4.i586.rpm\n 1fe20d0c673fe1e3ddcd60afd4e5d473 corporate/4.0/i586/kdegraphics-ksnapshot-3.5.4-0.11.20060mlcs4.i586.rpm\n cae59cdcc9ea7dba41aad24d184cafaa corporate/4.0/i586/kdegraphics-ksvg-3.5.4-0.11.20060mlcs4.i586.rpm\n e8d0add657152f6a834d6d6dd58e02fe corporate/4.0/i586/kdegraphics-kuickshow-3.5.4-0.11.20060mlcs4.i586.rpm\n 5a829be0326888b9613acc993744c39f corporate/4.0/i586/kdegraphics-kview-3.5.4-0.11.20060mlcs4.i586.rpm\n 9bd1814ef1a568f897fe0b0692404bb6 corporate/4.0/i586/kdegraphics-mrmlsearch-3.5.4-0.11.20060mlcs4.i586.rpm\n 7cf01837d3681fb41c501c11ea8ab030 corporate/4.0/i586/libkdegraphics0-common-3.5.4-0.11.20060mlcs4.i586.rpm\n 6a29cdda3b4a4f0cd45b041cd8bf6b50 corporate/4.0/i586/libkdegraphics0-common-devel-3.5.4-0.11.20060mlcs4.i586.rpm\n 82663a9f72adc820a7de1759e63a4d69 corporate/4.0/i586/libkdegraphics0-kghostview-3.5.4-0.11.20060mlcs4.i586.rpm\n 0fd075cd510d1b935757781b22af1c80 corporate/4.0/i586/libkdegraphics0-kghostview-devel-3.5.4-0.11.20060mlcs4.i586.rpm\n 483056e6a21a7df3bf29ec60dcb742c9 corporate/4.0/i586/libkdegraphics0-kooka-3.5.4-0.11.20060mlcs4.i586.rpm\n 0bef434eda416daeb73c9a5b63d16c4b corporate/4.0/i586/libkdegraphics0-kooka-devel-3.5.4-0.11.20060mlcs4.i586.rpm\n 2903f1630b5ab746265f122e1b361b59 corporate/4.0/i586/libkdegraphics0-kpovmodeler-3.5.4-0.11.20060mlcs4.i586.rpm\n 9ab4acd2409f30fa9d44bd93a46d31dd corporate/4.0/i586/libkdegraphics0-kpovmodeler-devel-3.5.4-0.11.20060mlcs4.i586.rpm\n 2e398a8d7c54070f9bfd97d5f11a25f5 corporate/4.0/i586/libkdegraphics0-ksvg-3.5.4-0.11.20060mlcs4.i586.rpm\n 0c05af96ff0515c79f68ccf230a80b19 corporate/4.0/i586/libkdegraphics0-ksvg-devel-3.5.4-0.11.20060mlcs4.i586.rpm\n 8ece732e8d172ee1a9c9acd6ed5a6842 corporate/4.0/i586/libkdegraphics0-kview-3.5.4-0.11.20060mlcs4.i586.rpm\n ac8518e4d52be4a05d721c6aaa6e8c32 corporate/4.0/i586/libkdegraphics0-kview-devel-3.5.4-0.11.20060mlcs4.i586.rpm\n 6e8776ceba1e89c7d4c9f8535c83321e corporate/4.0/i586/libpoppler1-0.5.4-0.1.20060mlcs4.i586.rpm\n f62ca0bb896da6f7e276fdcc2ce9ab1d corporate/4.0/i586/libpoppler1-devel-0.5.4-0.1.20060mlcs4.i586.rpm\n c5ceadf8331ef8066935e3e962e90544 corporate/4.0/i586/libpoppler-qt1-0.5.4-0.1.20060mlcs4.i586.rpm\n 2e9ddef72271e5f6e393d378f96edab4 corporate/4.0/i586/libpoppler-qt1-devel-0.5.4-0.1.20060mlcs4.i586.rpm\n 3972be61f01933a4803656eac7de5b19 corporate/4.0/i586/poppler-0.5.4-0.1.20060mlcs4.i586.rpm \n 88983ff8ae37983c60c7a5b4637a6b00 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.11.20060mlcs4.src.rpm\n 4fb8f13d956af237eb9b1b258fc3f248 corporate/4.0/SRPMS/poppler-0.5.4-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 614466bad3bbb8fd4d1a231221b4a6cc corporate/4.0/x86_64/kdegraphics-3.5.4-0.11.20060mlcs4.x86_64.rpm\n e9437cd560f5f48fd2b97939393386a7 corporate/4.0/x86_64/kdegraphics-common-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 5121ccdc4cdd2cd6b84e53bc00d98f0b corporate/4.0/x86_64/kdegraphics-kcolorchooser-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 13dc7c9f2397a179aee58b5bf10b072c corporate/4.0/x86_64/kdegraphics-kcoloredit-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 53b353e9edfa33d34eee360bedae5ca9 corporate/4.0/x86_64/kdegraphics-kdvi-3.5.4-0.11.20060mlcs4.x86_64.rpm\n a4f4ff609d07d18896e88818aa46d6f0 corporate/4.0/x86_64/kdegraphics-kfax-3.5.4-0.11.20060mlcs4.x86_64.rpm\n eafbd23da8d057bf5177bf7d87127ea9 corporate/4.0/x86_64/kdegraphics-kghostview-3.5.4-0.11.20060mlcs4.x86_64.rpm\n a17791eaa9316c418e39522d4e54783e corporate/4.0/x86_64/kdegraphics-kiconedit-3.5.4-0.11.20060mlcs4.x86_64.rpm\n a37ca8e2f7cf7fe61be675ec9c26305f corporate/4.0/x86_64/kdegraphics-kolourpaint-3.5.4-0.11.20060mlcs4.x86_64.rpm\n d8e992f1dab0041f9d20457d4eaec6bd corporate/4.0/x86_64/kdegraphics-kooka-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 27c123a5d099ec3fe22d2b919dbc5510 corporate/4.0/x86_64/kdegraphics-kpdf-3.5.4-0.11.20060mlcs4.x86_64.rpm\n aab1c67de88efae3ae1d8e5d30698c2d corporate/4.0/x86_64/kdegraphics-kpovmodeler-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 2e09a8fc4f383539074e2799c4a97ba1 corporate/4.0/x86_64/kdegraphics-kruler-3.5.4-0.11.20060mlcs4.x86_64.rpm\n d54670b3dfdfa7f8045129a64e514a07 corporate/4.0/x86_64/kdegraphics-ksnapshot-3.5.4-0.11.20060mlcs4.x86_64.rpm\n c82b9ebc34696168c5e65ce87f2a9a67 corporate/4.0/x86_64/kdegraphics-ksvg-3.5.4-0.11.20060mlcs4.x86_64.rpm\n fbe3f19d25447527d338b042cfa5fe60 corporate/4.0/x86_64/kdegraphics-kuickshow-3.5.4-0.11.20060mlcs4.x86_64.rpm\n afeb446e4eaec5f10fbdd2329381b8c0 corporate/4.0/x86_64/kdegraphics-kview-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 5f59c3ee24f3b920ab8c626674f9a60e corporate/4.0/x86_64/kdegraphics-mrmlsearch-3.5.4-0.11.20060mlcs4.x86_64.rpm\n acbb79f250a649d105966639998bcaf5 corporate/4.0/x86_64/lib64kdegraphics0-common-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 1ba152d082f731577401d66ef96935ad corporate/4.0/x86_64/lib64kdegraphics0-common-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 55a6e9901a3a210441a8682e415aa742 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-3.5.4-0.11.20060mlcs4.x86_64.rpm\n ba9753d41cd38b3cd483aa42a153fe23 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 26dcfaa91467f532d78f7c324c1dcdf5 corporate/4.0/x86_64/lib64kdegraphics0-kooka-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 92e971cba13d97b3abdc7a98dc0df258 corporate/4.0/x86_64/lib64kdegraphics0-kooka-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 4389a06ba0ac3526f17a429010add510 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 280fd79e9cdc88fdb0914ef159d3f0cf corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm\n c45e9900d456b7d593312acb99b94145 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 172d4b0334dc7b3c00df5d2e30f1e1c9 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm\n a3d6df24532cc486c8e3c94f83a901ad corporate/4.0/x86_64/lib64kdegraphics0-kview-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 77760b8881b8ac95d717585e1bc99869 corporate/4.0/x86_64/lib64kdegraphics0-kview-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm\n 9fb716fd221e76a32560ecb1c6f3f645 corporate/4.0/x86_64/lib64poppler1-0.5.4-0.1.20060mlcs4.x86_64.rpm\n 15f410a2adba4b06b3a89982b0ecddcf corporate/4.0/x86_64/lib64poppler1-devel-0.5.4-0.1.20060mlcs4.x86_64.rpm\n 6fea5cfe8ef1c14faaf1a9f507150412 corporate/4.0/x86_64/lib64poppler-qt1-0.5.4-0.1.20060mlcs4.x86_64.rpm\n ba25ff0acd3d67f493c40e577edacefb corporate/4.0/x86_64/lib64poppler-qt1-devel-0.5.4-0.1.20060mlcs4.x86_64.rpm\n bc1572dceb3f6f4592a4a881a069a4b4 corporate/4.0/x86_64/poppler-0.5.4-0.1.20060mlcs4.x86_64.rpm \n 88983ff8ae37983c60c7a5b4637a6b00 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.11.20060mlcs4.src.rpm\n 4fb8f13d956af237eb9b1b258fc3f248 corporate/4.0/SRPMS/poppler-0.5.4-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. (CVE-2009-0165). NOTE:\n the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-3608, CVE-2009-3609)\n \n This update corrects the problems. \n\nBackground\n==========\n\nPoppler is a cross-platform PDF rendering library originally based on\nXpdf. Please review\nthe CVE identifiers referenced below for details. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200904-20\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: CUPS: Multiple vulnerabilities\n Date: April 23, 2009\n Bugs: #263070\n ID: 200904-20\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple errors in CUPS might allow for the remote execution of\narbitrary code or DNS rebinding attacks. \n\nBackground\n==========\n\nCUPS, the Common Unix Printing System, is a full-featured print server. \n\n* Aaron Siegel of Apple Product Security reported that the CUPS web\n interface does not verify the content of the \"Host\" HTTP header\n properly (CVE-2009-0164). \n\n* Braden Thomas and Drew Yao of Apple Product Security reported that\n CUPS is vulnerable to CVE-2009-0146, CVE-2009-0147 and CVE-2009-0166,\n found earlier in xpdf and poppler. Furthermore, the web\ninterface could be used to conduct DNS rebinding attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-1.3.10\"\n\nReferences\n==========\n\n [ 1 ] CVE-2009-0146\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146\n [ 2 ] CVE-2009-0147\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147\n [ 3 ] CVE-2009-0163\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163\n [ 4 ] CVE-2009-0164\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164\n [ 5 ] CVE-2009-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200904-20.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. \n\nFor the old stable distribution (etch), these problems have been fixed in version\n3.01-9.1+etch6. \n\nFor the stable distribution (lenny), these problems have been fixed in version\n3.02-1.4+lenny1. \n\nFor the unstable distribution (sid), these problems will be fixed in a\nforthcoming version. \n\nWe recommend that you upgrade your xpdf packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc\n Size/MD5 checksum: 974 9c04059981f8b036d7e6e39c7f0aeb21\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz\n Size/MD5 checksum: 46835 c69a67b9ff487403e7c3ff819c6ff734\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz\n Size/MD5 checksum: 599778 e004c69c7dddef165d768b1362b44268\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb\n Size/MD5 checksum: 62834 dd8f37161c3b2430cb1cd65c911e9f86\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb\n Size/MD5 checksum: 1278 d6da8e00b02ab3f17ec44b90fff6bb30\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb\n Size/MD5 checksum: 920352 83b7d74d9ebae9b26da91de7c91d3502\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb\n Size/MD5 checksum: 1687294 9862913548fff9bfda37a6fe075df5b0\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb\n Size/MD5 checksum: 809202 171520d7642019943bfe7166876f5da5\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb\n Size/MD5 checksum: 1493308 9575f135e9ec312f9e6d7d2517dd8f5b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb\n Size/MD5 checksum: 803714 6db06ffcba7f6d7576ed356e7989557d\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb\n Size/MD5 checksum: 1468616 9afde01dda379acd4e7edfbccc7c7b2d\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb\n Size/MD5 checksum: 1773794 c9012a9d3919ec40dcea1264ac27a6fe\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb\n Size/MD5 checksum: 963060 565daaf6f15ff7593d560ef7a2f94364\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb\n Size/MD5 checksum: 796992 5270bef04f1c2e924b813dffe6050d89\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb\n Size/MD5 checksum: 1458826 b2f3cbaac0ffcce0bb8d7e656bf11b02\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb\n Size/MD5 checksum: 1217142 afeaf9bfc66ebb69767703bfb30bbd4c\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb\n Size/MD5 checksum: 2218472 6545e9b6f58a84c0daa76baa8a0db629\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb\n Size/MD5 checksum: 946638 5323268be89e54c5c8eb7ae13f0eab14\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb\n Size/MD5 checksum: 1721268 0b710c0bcc6ffefe29f683ab09d3cbe8\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb\n Size/MD5 checksum: 1554798 eadd6236b778761086d436dd8db986e4\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb\n Size/MD5 checksum: 849204 d22f5d59f03d6484e149d7536a25a517\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb\n Size/MD5 checksum: 1401814 0e3f588c64e8fa9a102ebcae29c4d807\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb\n Size/MD5 checksum: 767392 4b7c1a868f2f909c2dce25087da77817\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb\n Size/MD5 checksum: 1394680 8b17e2339e2a908a610271eb678495b1\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb\n Size/MD5 checksum: 763618 f3897333018702ee926e41ca5f58dc92\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc\n Size/MD5 checksum: 1266 faeebc4dfc74129ca708a6345bb483f7\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz\n Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz\n Size/MD5 checksum: 42280 362f72e95494f51a19eeb898b9a527ac\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb\n Size/MD5 checksum: 67664 b5f063bf32cbeaf1aaeec315dc8aff0a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb\n Size/MD5 checksum: 1268 f67780458dac3c38cd59bfde186f9a3b\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb\n Size/MD5 checksum: 1896344 f65f591413c25a23ea2aaccba2b5b634\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb\n Size/MD5 checksum: 1018434 cb679c93bbc428ea852bd4ef3103e42d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb\n Size/MD5 checksum: 1709514 1e1277251a6dd0bb0a551997efd39175\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb\n Size/MD5 checksum: 921892 fb7de1db5e3885365c3ad74c3646ab57\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb\n Size/MD5 checksum: 1667088 58ddefe40598d6fe4a5016145163ef45\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb\n Size/MD5 checksum: 907908 881594298fe547cefa3d528c519d369f\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb\n Size/MD5 checksum: 886242 51d55f7c4de41c5d4051f41fde9b7389\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb\n Size/MD5 checksum: 1602392 bc996edfad6d1995cb4ef2f4c7760b51\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb\n Size/MD5 checksum: 1076286 fa3ac4a1001abf3e892bb1397b06ff17\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb\n Size/MD5 checksum: 1985520 e95263d094e2c8d6aa72ee1edb9105f3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb\n Size/MD5 checksum: 876656 441042932886fa29adae731338f6b5bd\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb\n Size/MD5 checksum: 1611730 52516381da25dbb0c1145e2b7cdf692a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb\n Size/MD5 checksum: 1380222 0ffaee560534c9d69df433340679c8fc\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb\n Size/MD5 checksum: 2519970 eb4f4e5c173557fa8ae713f123cbb193\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb\n Size/MD5 checksum: 1894924 58b336b114ef5c8fb9fc6244411b4cf4\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb\n Size/MD5 checksum: 1040834 ae8ed06ea2ed07e3a064c6bd28e80933\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb\n Size/MD5 checksum: 1026954 eac8167230b8fa208cdbc5b196f0c624\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb\n Size/MD5 checksum: 1872050 8f2e99ce5a102d099ba22543f246d5bd\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb\n Size/MD5 checksum: 1788584 7d1466cc8770bd92f299c1cc772f64e7\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb\n Size/MD5 checksum: 968838 7cc8568d6b74348300066e42b27f90c2\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb\n Size/MD5 checksum: 871666 1dde93a4cc0a28b90f92c05f0d181079\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb\n Size/MD5 checksum: 1598270 201ad07e4853843dce22f22daa41fd35\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb\n Size/MD5 checksum: 863662 446f2d8fe6483d3741648c4db1ff5b82\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb\n Size/MD5 checksum: 1586262 52861c00f406c35db8a6e6f3269cc37d\n\n\n These files will probably be moved into the stable distribution on\n its next update",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0147"
},
{
"db": "VULHUB",
"id": "VHN-37593"
},
{
"db": "VULMON",
"id": "CVE-2009-0147"
},
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "76751"
},
{
"db": "PACKETSTORM",
"id": "89072"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "77104"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "77000"
},
{
"db": "PACKETSTORM",
"id": "77279"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0147",
"trust": 2.1
},
{
"db": "VUPEN",
"id": "ADV-2009-1297",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2009-1077",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2009-1621",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2010-1040",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2009-1066",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2009-1065",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34481",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "35064",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "35618",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34291",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34756",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "35074",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34852",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "35065",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34959",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "35685",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34991",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34963",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "34755",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "35037",
"trust": 1.2
},
{
"db": "USCERT",
"id": "TA09-133A",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1022073",
"trust": 1.2
},
{
"db": "BID",
"id": "34568",
"trust": 1.2
},
{
"db": "VULHUB",
"id": "VHN-37593",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-0147",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "76918",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "76751",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89072",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82088",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77104",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123523",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77000",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77279",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37593"
},
{
"db": "VULMON",
"id": "CVE-2009-0147"
},
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "76751"
},
{
"db": "PACKETSTORM",
"id": "89072"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "77104"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "77000"
},
{
"db": "PACKETSTORM",
"id": "77279"
},
{
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"id": "VAR-200904-0818",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-37593"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:26:48.956000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: Important: xpdf security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090430 - security advisory"
},
{
"title": "Red Hat: Important: cups security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090429 - security advisory"
},
{
"title": "Red Hat: Important: kdegraphics security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090431 - security advisory"
},
{
"title": "Red Hat: Important: gpdf security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090458 - security advisory"
},
{
"title": "Red Hat: Important: poppler security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090480 - security advisory"
},
{
"title": "Ubuntu Security Notice: poppler vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-759-1"
},
{
"title": "Ubuntu Security Notice: koffice vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-973-1"
},
{
"title": "Debian CVElist Bug Report Logs: xpdf: multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=773868e24bff06cb90f9c91803114d93"
},
{
"title": "Debian CVElist Bug Report Logs: poppler: multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1ea2bd34c90a7e17e7b2d6fe49c98e66"
},
{
"title": "Debian Security Advisories: DSA-1790-1 xpdf -- multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6375d8b8a733e9a6329048ef00e50271"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-0147"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37593"
},
{
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2009/may/msg00002.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/34568"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.us-cert.gov/cas/techalerts/ta09-133a.html"
},
{
"trust": 1.2,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht3549"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht3639"
},
{
"trust": 1.2,
"url": "http://wiki.rpath.com/advisories:rpsa-2009-0059"
},
{
"trust": 1.2,
"url": "http://wiki.rpath.com/advisories:rpsa-2009-0061"
},
{
"trust": 1.2,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"trust": 1.2,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg00567.html"
},
{
"trust": 1.2,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01277.html"
},
{
"trust": 1.2,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01291.html"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:101"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:087"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9941"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0429.html"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0430.html"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0431.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2009-0458.html"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0480.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1022073"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34291"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34481"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34755"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34756"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34852"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34959"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34963"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/34991"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/35037"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/35064"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/35065"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/35074"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/35618"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/35685"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"trust": 1.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1180"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1179"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1182"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0799"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0800"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1181"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1183"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0165"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0163"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0195"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1188"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1187"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0195"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0163"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3609"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3608"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3604"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3606"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3603"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0791"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0949"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0949"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2009\u0026amp;m=slackware-security.578477"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2009:0430"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/759-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=18199"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/index.jsp?search=search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/index.jsp?search=search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/index.jsp?search=search\u0026set_restricted=true\u0026keywords=a777264f13a7d9d882a7d024d831be1f"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3603"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3606"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3604"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1196"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1196"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1187"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0165"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3938"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0166"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1181"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1188"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3938"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1788"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0146"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0799"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0147"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0164"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37593"
},
{
"db": "VULMON",
"id": "CVE-2009-0147"
},
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "76751"
},
{
"db": "PACKETSTORM",
"id": "89072"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "77104"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "77000"
},
{
"db": "PACKETSTORM",
"id": "77279"
},
{
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-37593"
},
{
"db": "VULMON",
"id": "CVE-2009-0147"
},
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "76751"
},
{
"db": "PACKETSTORM",
"id": "89072"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "77104"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "77000"
},
{
"db": "PACKETSTORM",
"id": "77279"
},
{
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-04-23T00:00:00",
"db": "VULHUB",
"id": "VHN-37593"
},
{
"date": "2009-04-23T00:00:00",
"db": "VULMON",
"id": "CVE-2009-0147"
},
{
"date": "2009-04-22T21:36:03",
"db": "PACKETSTORM",
"id": "76918"
},
{
"date": "2009-04-16T22:44:57",
"db": "PACKETSTORM",
"id": "76751"
},
{
"date": "2010-04-30T00:07:35",
"db": "PACKETSTORM",
"id": "89072"
},
{
"date": "2009-10-21T03:01:09",
"db": "PACKETSTORM",
"id": "82088"
},
{
"date": "2009-04-29T19:11:04",
"db": "PACKETSTORM",
"id": "77104"
},
{
"date": "2009-10-21T02:57:54",
"db": "PACKETSTORM",
"id": "82087"
},
{
"date": "2013-10-07T22:31:57",
"db": "PACKETSTORM",
"id": "123523"
},
{
"date": "2009-04-28T00:22:34",
"db": "PACKETSTORM",
"id": "77000"
},
{
"date": "2009-05-05T22:51:02",
"db": "PACKETSTORM",
"id": "77279"
},
{
"date": "2009-04-23T17:30:01.563000",
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-37593"
},
{
"date": "2019-03-06T00:00:00",
"db": "VULMON",
"id": "CVE-2009-0147"
},
{
"date": "2019-03-06T16:30:38.330000",
"db": "NVD",
"id": "CVE-2009-0147"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "77000"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SUSE Security Announcement - Code Execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "76918"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow",
"sources": [
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "89072"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "77104"
},
{
"db": "PACKETSTORM",
"id": "82087"
}
],
"trust": 0.5
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.