ID OPENVAS:1361412562310122426 Type openvas Reporter Eero Volotinen Modified 2018-09-28T00:00:00
Description
Oracle Linux Local Security Checks ELSA-2009-1504
###############################################################################
# OpenVAS Vulnerability Test
# $Id: ELSA-2009-1504.nasl 11688 2018-09-28 13:36:28Z cfischer $
#
# Oracle Linux Local Check
#
# Authors:
# Eero Volotinen <eero.volotinen@solinor.com>
#
# Copyright:
# Copyright (c) 2015 Eero Volotinen, http://solinor.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.122426");
script_version("$Revision: 11688 $");
script_tag(name:"creation_date", value:"2015-10-08 14:45:11 +0300 (Thu, 08 Oct 2015)");
script_tag(name:"last_modification", value:"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $");
script_name("Oracle Linux Local Check: ELSA-2009-1504");
script_tag(name:"insight", value:"ELSA-2009-1504 - poppler security and bug fix update. Please see the references for more insight.");
script_tag(name:"solution", value:"Update the affected packages to the latest available version.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"summary", value:"Oracle Linux Local Security Checks ELSA-2009-1504");
script_xref(name:"URL", value:"http://linux.oracle.com/errata/ELSA-2009-1504.html");
script_cve_id("CVE-2009-3603", "CVE-2009-3608", "CVE-2009-3609");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"qod_type", value:"package");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/oracle_linux", "ssh/login/release", re:"ssh/login/release=OracleLinux5");
script_category(ACT_GATHER_INFO);
script_copyright("Eero Volotinen");
script_family("Oracle Linux Local Security Checks");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "OracleLinux5")
{
if ((res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.5.4~4.4.el5_4.11", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-devel", rpm:"poppler-devel~0.5.4~4.4.el5_4.11", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-utils", rpm:"poppler-utils~0.5.4~4.4.el5_4.11", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
}
if (__pkg_match) exit(99);
exit(0);
{"id": "OPENVAS:1361412562310122426", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2009-1504", "description": "Oracle Linux Local Security Checks ELSA-2009-1504", "published": "2015-10-08T00:00:00", "modified": "2018-09-28T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122426", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2009-1504.html"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "lastseen": "2019-05-29T18:35:57", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-3609", "CVE-2009-3603", "CVE-2009-3608"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310880859", "OPENVAS:66016", "OPENVAS:136141256231066172", "OPENVAS:830933", "OPENVAS:880859", "OPENVAS:66308", "OPENVAS:66172", "OPENVAS:1361412562310880874", "OPENVAS:136141256231066016", "OPENVAS:1361412562310830933"]}, {"type": "redhat", "idList": ["RHSA-2009:1513", "RHSA-2009:1504"]}, {"type": "centos", "idList": ["CESA-2009:1513", "CESA-2009:1504"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1513", "ELSA-2009-1504"]}, {"type": "nessus", "idList": ["SL_20091015_POPPLER_ON_SL5_X.NASL", "SUSE_KDEGRAPHICS3-PDF-6653.NASL", "SUSE_CUPS-6565.NASL", "CENTOS_RHSA-2009-1504.NASL", "MANDRIVA_MDVSA-2009-280.NASL", "REDHAT-RHSA-2009-1504.NASL", "REDHAT-RHSA-2009-1513.NASL", "ORACLELINUX_ELSA-2009-1504.NASL", "SUSE_KDEGRAPHICS3-PDF-6652.NASL", "UBUNTU_USN-850-3.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22668", "SECURITYVULNS:VULN:10333"]}, {"type": "ubuntu", "idList": ["USN-850-3"]}, {"type": "fedora", "idList": ["FEDORA:002871104A0", "FEDORA:44C9610F91D", "FEDORA:E114F10F87E", "FEDORA:096CB10F88B", "FEDORA:8FE6710FD45"]}, {"type": "slackware", "idList": ["SSA-2009-302-02", "SSA-2009-302-01"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2028-1:2EE25", "DEBIAN:DSA-2050-1:A72F5"]}], "modified": "2019-05-29T18:35:57", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2019-05-29T18:35:57", "rev": 2}, "vulnersScore": 7.1}, "pluginID": "1361412562310122426", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1504.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122426\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:45:11 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1504\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1504 - poppler security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1504\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1504.html\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~4.4.el5_4.11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~4.4.el5_4.11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"poppler-utils\", rpm:\"poppler-utils~0.5.4~4.4.el5_4.11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks"}
{"cve": [{"lastseen": "2020-12-09T19:31:22", "description": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.", "edition": 5, "cvss3": {}, "published": "2009-10-21T17:30:00", "title": "CVE-2009-3603", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3603"], "modified": "2019-03-06T16:30:00", "cpe": ["cpe:/a:glyphandcog:xpdfreader:3.02", "cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:glyphandcog:xpdfreader:3.01", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:glyphandcog:xpdfreader:3.00", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3603", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3603", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:31:22", "description": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", "edition": 5, "cvss3": {}, "published": "2009-10-21T17:30:00", "title": "CVE-2009-3608", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3608"], "modified": "2019-03-06T16:30:00", "cpe": ["cpe:/a:glyphandcog:xpdfreader:3.02", "cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:glyphandcog:xpdfreader:3.01", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:glyphandcog:xpdfreader:3.00", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3608", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3608", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:31:22", "description": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.", "edition": 5, "cvss3": {}, "published": "2009-10-21T17:30:00", "title": "CVE-2009-3609", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3609"], "modified": "2019-03-06T16:30:00", "cpe": ["cpe:/a:glyphandcog:xpdfreader:3.02", "cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:glyphandcog:xpdfreader:3.01", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:glyphandcog:xpdfreader:3.00", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3609", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3609", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-04-06T11:39:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1504.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "modified": "2018-04-06T00:00:00", "published": "2009-10-19T00:00:00", "id": "OPENVAS:136141256231066016", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066016", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1504", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1504.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1504 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1504.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66016\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-19 21:50:22 +0200 (Mon, 19 Oct 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1504\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1504.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-debuginfo\", rpm:\"poppler-debuginfo~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-utils\", rpm:\"poppler-utils~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1504.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "modified": "2017-07-12T00:00:00", "published": "2009-10-19T00:00:00", "id": "OPENVAS:66016", "href": "http://plugins.openvas.org/nasl.php?oid=66016", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1504", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1504.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1504 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1504.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66016);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-19 21:50:22 +0200 (Mon, 19 Oct 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1504\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1504.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-debuginfo\", rpm:\"poppler-debuginfo~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-utils\", rpm:\"poppler-utils~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~4.4.el5_4.11\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "The remote host is missing updates to poppler announced in\nadvisory CESA-2009:1504.", "modified": "2018-04-06T00:00:00", "published": "2009-11-11T00:00:00", "id": "OPENVAS:136141256231066172", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066172", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1504 (poppler)", "sourceData": "#CESA-2009:1504 66172 2\n# $Id: ovcesa2009_1504.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1504 (poppler)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1504\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1504\nhttps://rhn.redhat.com/errata/RHSA-2009-1504.html\";\ntag_summary = \"The remote host is missing updates to poppler announced in\nadvisory CESA-2009:1504.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66172\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1504 (poppler)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-utils\", rpm:\"poppler-utils~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "Check for the Version of poppler", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880859", "href": "http://plugins.openvas.org/nasl.php?oid=880859", "type": "openvas", "title": "CentOS Update for poppler CESA-2009:1504 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for poppler CESA-2009:1504 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Poppler is a Portable Document Format (PDF) rendering library, used by\n applications such as Evince.\n\n Multiple integer overflow flaws were found in poppler. An attacker could\n create a malicious PDF file that would cause applications that use poppler\n (such as Evince) to crash or, potentially, execute arbitrary code when\n opened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n \n Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\n issue.\n \n This update also corrects a regression introduced in the previous poppler\n security update, RHSA-2009:0480, that prevented poppler from rendering\n certain PDF documents correctly. (BZ#528147)\n \n Users are advised to upgrade to these updated packages, which contain\n backported patches to resolve these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"poppler on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-October/016271.html\");\n script_id(880859);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1504\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_name(\"CentOS Update for poppler CESA-2009:1504 centos5 i386\");\n\n script_summary(\"Check for the Version of poppler\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"poppler-utils\", rpm:\"poppler-utils~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880859", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880859", "type": "openvas", "title": "CentOS Update for poppler CESA-2009:1504 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for poppler CESA-2009:1504 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-October/016271.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880859\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1504\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_name(\"CentOS Update for poppler CESA-2009:1504 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'poppler'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"poppler on CentOS 5\");\n script_tag(name:\"insight\", value:\"Poppler is a Portable Document Format (PDF) rendering library, used by\n applications such as Evince.\n\n Multiple integer overflow flaws were found in poppler. An attacker could\n create a malicious PDF file that would cause applications that use poppler\n (such as Evince) to crash or, potentially, execute arbitrary code when\n opened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\n Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\n issue.\n\n This update also corrects a regression introduced in the previous poppler\n security update, RHSA-2009:0480, that prevented poppler from rendering\n certain PDF documents correctly. (BZ#528147)\n\n Users are advised to upgrade to these updated packages, which contain\n backported patches to resolve these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"poppler-utils\", rpm:\"poppler-utils~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:57:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "The remote host is missing updates to poppler announced in\nadvisory CESA-2009:1504.", "modified": "2017-07-10T00:00:00", "published": "2009-11-11T00:00:00", "id": "OPENVAS:66172", "href": "http://plugins.openvas.org/nasl.php?oid=66172", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1504 (poppler)", "sourceData": "#CESA-2009:1504 66172 2\n# $Id: ovcesa2009_1504.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1504 (poppler)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1504\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1504\nhttps://rhn.redhat.com/errata/RHSA-2009-1504.html\";\ntag_summary = \"The remote host is missing updates to poppler announced in\nadvisory CESA-2009:1504.\";\n\n\n\nif(description)\n{\n script_id(66172);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1504 (poppler)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-devel\", rpm:\"poppler-devel~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler-utils\", rpm:\"poppler-utils~0.5.4~4.4.el5_4.11\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3604", "CVE-2009-3609"], "description": "The remote host is missing an update to poppler\nannounced via advisory USN-850-3.", "modified": "2017-12-01T00:00:00", "published": "2009-11-23T00:00:00", "id": "OPENVAS:66308", "href": "http://plugins.openvas.org/nasl.php?oid=66308", "type": "openvas", "title": "Ubuntu USN-850-3 (poppler)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_850_3.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_850_3.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-850-3 (poppler)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 9.10:\n libpoppler-glib4 0.12.0-0ubuntu2.1\n libpoppler5 0.12.0-0ubuntu2.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-850-3\";\n\ntag_insight = \"USN-850-1 fixed vulnerabilities in poppler. This update provides the\ncorresponding updates for Ubuntu 9.10.\n\nOriginal advisory details:\n\n It was discovered that poppler contained multiple security issues when\n parsing malformed PDF documents. If a user or automated system were tricked\n into opening a crafted PDF file, an attacker could cause a denial of\n service or execute arbitrary code with privileges of the user invoking the\n program.\";\ntag_summary = \"The remote host is missing an update to poppler\nannounced via advisory USN-850-3.\";\n\n \n\n\nif(description)\n{\n script_id(66308);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3607\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-850-3 (poppler)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-850-3/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libpoppler-dev\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpoppler-glib-dev\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpoppler-glib4\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpoppler-qt-dev\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpoppler-qt2\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpoppler-qt4-3\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpoppler-qt4-dev\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpoppler5\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"poppler-dbg\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"poppler-utils\", ver:\"0.12.0-0ubuntu2.1\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "description": "The remote host is missing an update to cups\nannounced via advisory MDVSA-2009:280.", "modified": "2017-07-06T00:00:00", "published": "2009-10-27T00:00:00", "id": "OPENVAS:66085", "href": "http://plugins.openvas.org/nasl.php?oid=66085", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:280 (cups)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_280.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:280 (cups)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Two integer overflow flaws were found in the CUPS pdftops filter. An\nattacker could create a malicious PDF file that would cause pdftops\nto crash or, potentially, execute arbitrary code as the lp user if\nthe file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nThis update corrects the problem.\n\nAffected: 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:280\";\ntag_summary = \"The remote host is missing an update to cups\nannounced via advisory MDVSA-2009:280.\";\n\n \n\nif(description)\n{\n script_id(66085);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:280 (cups)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpoppler4\", rpm:\"libpoppler4~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler-devel\", rpm:\"libpoppler-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler-glib4\", rpm:\"libpoppler-glib4~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler-glib-devel\", rpm:\"libpoppler-glib-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler-qt2\", rpm:\"libpoppler-qt2~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler-qt4-3\", rpm:\"libpoppler-qt4-3~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler-qt4-devel\", rpm:\"libpoppler-qt4-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpoppler-qt-devel\", rpm:\"libpoppler-qt-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"poppler\", rpm:\"poppler~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler4\", rpm:\"lib64poppler4~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler-devel\", rpm:\"lib64poppler-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler-glib4\", rpm:\"lib64poppler-glib4~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler-glib-devel\", rpm:\"lib64poppler-glib-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler-qt2\", rpm:\"lib64poppler-qt2~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler-qt4-3\", rpm:\"lib64poppler-qt4-3~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler-qt4-devel\", rpm:\"lib64poppler-qt4-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64poppler-qt-devel\", rpm:\"lib64poppler-qt-devel~0.10.6~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-03T10:54:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "description": "Check for the Version of irqbalance", "modified": "2018-01-02T00:00:00", "published": "2010-03-12T00:00:00", "id": "OPENVAS:1361412562310830933", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830933", "type": "openvas", "title": "Mandriva Update for irqbalance MDVA-2010:086 (irqbalance)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for irqbalance MDVA-2010:086 (irqbalance)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"irqbalance on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"This update fixes a bug in irqbalance that makes it to fail to spread\n IRQs in a SMP or a muli core machine (#57523)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-03/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830933\");\n script_version(\"$Revision: 8269 $\");\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 08:28:22 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-12 17:02:32 +0100 (Fri, 12 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:086\");\n script_name(\"Mandriva Update for irqbalance MDVA-2010:086 (irqbalance)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of irqbalance\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"irqbalance\", rpm:\"irqbalance~0.55~9.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"irqbalance\", rpm:\"irqbalance~0.55~9.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"irqbalance\", rpm:\"irqbalance~0.55~9.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:136141256231066282", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066282", "type": "openvas", "title": "SLES10: Security update for kdegraphics3-pdf", "sourceData": "#\n#VID slesp2-kdegraphics3-pdf-6653\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for kdegraphics3-pdf\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66282\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for kdegraphics3-pdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.1~23.26.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:46:13", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3603", "CVE-2009-3608", "CVE-2009-3609"], "description": "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "modified": "2017-09-08T11:58:29", "published": "2009-10-15T04:00:00", "id": "RHSA-2009:1504", "href": "https://access.redhat.com/errata/RHSA-2009:1504", "type": "redhat", "title": "(RHSA-2009:1504) Important: poppler security and bug fix update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:41", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.", "modified": "2017-09-08T12:05:19", "published": "2009-10-15T04:00:00", "id": "RHSA-2009:1513", "href": "https://access.redhat.com/errata/RHSA-2009:1513", "type": "redhat", "title": "(RHSA-2009:1513) Moderate: cups security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:14", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1504\n\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028306.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028309.html\n\n**Affected packages:**\npoppler\npoppler-devel\npoppler-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1504.html", "edition": 3, "modified": "2009-10-30T14:43:58", "published": "2009-10-30T14:43:58", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/028306.html", "id": "CESA-2009:1504", "title": "poppler security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:26:37", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1513\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028256.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028257.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\ncups-lpd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1513.html", "edition": 3, "modified": "2009-10-30T14:43:47", "published": "2009-10-30T14:43:47", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/028256.html", "id": "CESA-2009:1513", "title": "cups security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:33", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "description": "[0.5.4-4.4.el5_4.11]\n- Fixes various flaws addressed in bugs #526637, #526893 and #526915\n which were tracked in #527403.\n- Resolves: #527403\n[0.5.4-4.4.el5_4.10]\n- Add poppler-0.5.4-JBIG2-segment-reading.patch to\n fix reading of arithmetically encoded JBIG2 images with\n unknown length.\n- Resolves: #528147", "edition": 4, "modified": "2009-10-15T00:00:00", "published": "2009-10-15T00:00:00", "id": "ELSA-2009-1504", "href": "http://linux.oracle.com/errata/ELSA-2009-1504.html", "title": "poppler security and bug fix update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:10", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "description": "[1:1.3.7-11:.3]\n- Include NULL pointer check in ObjectStream::getObject. Part of the\n fix for CVE-2009-3608 (bug #526637).\n[1:1.3.7-11:.2]\n- Applied patch to fix CVE-2009-3608 (bug #526637) and\n CVE-2009-3609 (bug #526893). ", "edition": 4, "modified": "2009-10-15T00:00:00", "published": "2009-10-15T00:00:00", "id": "ELSA-2009-1513", "href": "http://linux.oracle.com/errata/ELSA-2009-1513.html", "title": "cups security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-17T13:44:33", "description": "CVE-2009-3608 xpdf/poppler: integer overflow in\nObjectStream::ObjectStream (oCERT-2009-016)\n\nCVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow\n\nCVE-2009-3603 xpdf/poppler: SplashBitmap::SplashBitmap integer\noverflow\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : poppler on SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091015_POPPLER_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60680", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60680);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"Scientific Linux Security Update : poppler on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-3608 xpdf/poppler: integer overflow in\nObjectStream::ObjectStream (oCERT-2009-016)\n\nCVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow\n\nCVE-2009-3603 xpdf/poppler: SplashBitmap::SplashBitmap integer\noverflow\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=528147\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0910&L=scientific-linux-errata&T=0&P=1818\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d1aa527e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected poppler, poppler-devel and / or poppler-utils\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"poppler-0.5.4-4.4.el5_4.11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"poppler-devel-0.5.4-4.4.el5_4.11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"poppler-utils-0.5.4-4.4.el5_4.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:07:06", "description": "Updated poppler packages that fix multiple security issues and a bug\nare now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 27, "published": "2009-10-16T00:00:00", "title": "RHEL 5 : poppler (RHSA-2009:1504)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3609"], "modified": "2009-10-16T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:poppler-utils", "p-cpe:/a:redhat:enterprise_linux:poppler-devel", "cpe:/o:redhat:enterprise_linux:5.4", "p-cpe:/a:redhat:enterprise_linux:poppler"], "id": "REDHAT-RHSA-2009-1504.NASL", "href": "https://www.tenable.com/plugins/nessus/42163", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1504. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42163);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3607\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_xref(name:\"RHSA\", value:\"2009:1504\");\n\n script_name(english:\"RHEL 5 : poppler (RHSA-2009:1504)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated poppler packages that fix multiple security issues and a bug\nare now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1504\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected poppler, poppler-devel and / or poppler-utils\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:poppler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:poppler-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1504\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"poppler-0.5.4-4.4.el5_4.11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"poppler-devel-0.5.4-4.4.el5_4.11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"poppler-utils-0.5.4-4.4.el5_4.11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"poppler-utils-0.5.4-4.4.el5_4.11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"poppler-utils-0.5.4-4.4.el5_4.11\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"poppler / poppler-devel / poppler-utils\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:57", "description": "Updated poppler packages that fix multiple security issues and a bug\nare now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 26, "published": "2010-01-06T00:00:00", "title": "CentOS 5 : poppler (CESA-2009:1504)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3609"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:poppler", "p-cpe:/a:centos:centos:poppler-utils", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:poppler-devel"], "id": "CENTOS_RHSA-2009-1504.NASL", "href": "https://www.tenable.com/plugins/nessus/43804", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1504 and \n# CentOS Errata and Security Advisory 2009:1504 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43804);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3607\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_xref(name:\"RHSA\", value:\"2009:1504\");\n\n script_name(english:\"CentOS 5 : poppler (CESA-2009:1504)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated poppler packages that fix multiple security issues and a bug\nare now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?41096fc6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016271.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08fab85d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected poppler packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:poppler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:poppler-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"poppler-0.5.4-4.4.el5_4.11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"poppler-devel-0.5.4-4.4.el5_4.11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"poppler-utils-0.5.4-4.4.el5_4.11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"poppler / poppler-devel / poppler-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:45", "description": "From Red Hat Security Advisory 2009:1504 :\n\nUpdated poppler packages that fix multiple security issues and a bug\nare now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : poppler (ELSA-2009-1504)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3609"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:poppler-utils", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:poppler-devel", "p-cpe:/a:oracle:linux:poppler"], "id": "ORACLELINUX_ELSA-2009-1504.NASL", "href": "https://www.tenable.com/plugins/nessus/67942", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1504 and \n# Oracle Linux Security Advisory ELSA-2009-1504 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67942);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3607\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_xref(name:\"RHSA\", value:\"2009:1504\");\n\n script_name(english:\"Oracle Linux 5 : poppler (ELSA-2009-1504)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1504 :\n\nUpdated poppler packages that fix multiple security issues and a bug\nare now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker\ncould create a malicious PDF file that would cause applications that\nuse poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-3603, CVE-2009-3608,\nCVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nThis update also corrects a regression introduced in the previous\npoppler security update, RHSA-2009:0480, that prevented poppler from\nrendering certain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001201.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected poppler packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:poppler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:poppler-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"poppler-0.5.4-4.4.el5_4.11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"poppler-devel-0.5.4-4.4.el5_4.11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"poppler-utils-0.5.4-4.4.el5_4.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"poppler / poppler-devel / poppler-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:57:10", "description": "USN-850-1 fixed vulnerabilities in poppler. This update provides the\ncorresponding updates for Ubuntu 9.10.\n\nIt was discovered that poppler contained multiple security issues when\nparsing malformed PDF documents. If a user or automated system were\ntricked into opening a crafted PDF file, an attacker could cause a\ndenial of service or execute arbitrary code with privileges of the\nuser invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-11-03T00:00:00", "title": "Ubuntu 9.10 : poppler vulnerabilities (USN-850-3)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:poppler-utils", "p-cpe:/a:canonical:ubuntu_linux:libpoppler5", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt2", "p-cpe:/a:canonical:ubuntu_linux:poppler-dbg", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt4-3", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-glib4", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt4-dev", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-glib-dev", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-dev", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt-dev"], "id": "UBUNTU_USN-850-3.NASL", "href": "https://www.tenable.com/plugins/nessus/42344", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-850-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42344);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/08/02 13:33:02\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3607\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703, 36718);\n script_xref(name:\"USN\", value:\"850-3\");\n\n script_name(english:\"Ubuntu 9.10 : poppler vulnerabilities (USN-850-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-850-1 fixed vulnerabilities in poppler. This update provides the\ncorresponding updates for Ubuntu 9.10.\n\nIt was discovered that poppler contained multiple security issues when\nparsing malformed PDF documents. If a user or automated system were\ntricked into opening a crafted PDF file, an attacker could cause a\ndenial of service or execute arbitrary code with privileges of the\nuser invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/850-3/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-glib-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-glib4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt4-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:poppler-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:poppler-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler-dev\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler-glib-dev\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler-glib4\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler-qt-dev\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler-qt2\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler-qt4-3\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler-qt4-dev\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpoppler5\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"poppler-dbg\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"poppler-utils\", pkgver:\"0.12.0-0ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpoppler-dev / libpoppler-glib-dev / libpoppler-glib4 / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:45:22", "description": "Specially crafted PDF files could cause buffer overflows in the\npdftops filter when printing such a document. CVE-2009-3608: CVSS v2\nBase Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.", "edition": 23, "published": "2010-10-11T00:00:00", "title": "SuSE 10 Security Update : kdegraphics3-pdf (ZYPP Patch Number 6652)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2010-10-11T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KDEGRAPHICS3-PDF-6652.NASL", "href": "https://www.tenable.com/plugins/nessus/49865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49865);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"SuSE 10 Security Update : kdegraphics3-pdf (ZYPP Patch Number 6652)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in the\npdftops filter when printing such a document. CVE-2009-3608: CVSS v2\nBase Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3608.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3609.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6652.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"kdegraphics3-pdf-3.5.1-23.26.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"kdegraphics3-pdf-3.5.1-23.26.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:58", "description": "Updated cups packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems. The CUPS 'pdftops' filter converts\nPortable Document Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An\nattacker could create a malicious PDF file that would cause 'pdftops'\nto crash or, potentially, execute arbitrary code as the 'lp' user if\nthe file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing\nthe update, the cupsd daemon will be restarted automatically.", "edition": 27, "published": "2010-01-06T00:00:00", "title": "CentOS 5 : cups (CESA-2009:1513)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:cups-libs", "p-cpe:/a:centos:centos:cups", "p-cpe:/a:centos:centos:cups-lpd", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:cups-devel"], "id": "CENTOS_RHSA-2009-1513.NASL", "href": "https://www.tenable.com/plugins/nessus/43806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1513 and \n# CentOS Errata and Security Advisory 2009:1513 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43806);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n script_xref(name:\"RHSA\", value:\"2009:1513\");\n\n script_name(english:\"CentOS 5 : cups (CESA-2009:1513)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems. The CUPS 'pdftops' filter converts\nPortable Document Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An\nattacker could create a malicious PDF file that would cause 'pdftops'\nto crash or, potentially, execute arbitrary code as the 'lp' user if\nthe file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing\nthe update, the cupsd daemon will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016218.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f54d195e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016219.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d07125cc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-1.3.7-11.el5_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-devel-1.3.7-11.el5_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-libs-1.3.7-11.el5_4.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-lpd-1.3.7-11.el5_4.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs / cups-lpd\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:07:07", "description": "Updated cups packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems. The CUPS 'pdftops' filter converts\nPortable Document Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An\nattacker could create a malicious PDF file that would cause 'pdftops'\nto crash or, potentially, execute arbitrary code as the 'lp' user if\nthe file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing\nthe update, the cupsd daemon will be restarted automatically.", "edition": 28, "published": "2009-10-16T00:00:00", "title": "RHEL 5 : cups (RHSA-2009:1513)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2009-10-16T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:cups-devel", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:cups", "p-cpe:/a:redhat:enterprise_linux:cups-libs", "cpe:/o:redhat:enterprise_linux:5.4", "p-cpe:/a:redhat:enterprise_linux:cups-lpd"], "id": "REDHAT-RHSA-2009-1513.NASL", "href": "https://www.tenable.com/plugins/nessus/42165", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1513. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42165);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n script_xref(name:\"RHSA\", value:\"2009:1513\");\n\n script_name(english:\"RHEL 5 : cups (RHSA-2009:1513)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems. The CUPS 'pdftops' filter converts\nPortable Document Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An\nattacker could create a malicious PDF file that would cause 'pdftops'\nto crash or, potentially, execute arbitrary code as the 'lp' user if\nthe file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the\nCVE-2009-3608 issue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing\nthe update, the cupsd daemon will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1513\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1513\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"cups-1.3.7-11.el5_4.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"cups-1.3.7-11.el5_4.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"cups-1.3.7-11.el5_4.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"cups-devel-1.3.7-11.el5_4.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"cups-libs-1.3.7-11.el5_4.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"cups-lpd-1.3.7-11.el5_4.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"cups-lpd-1.3.7-11.el5_4.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"cups-lpd-1.3.7-11.el5_4.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs / cups-lpd\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:45:22", "description": "Specially crafted PDF files could cause buffer overflows in the\npdftops filter when printing such a document. CVE-2009-3608: CVSS v2\nBase Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.", "edition": 23, "published": "2009-11-16T00:00:00", "title": "SuSE 10 Security Update : kdegraphics3-pdf (ZYPP Patch Number 6653)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2009-11-16T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KDEGRAPHICS3-PDF-6653.NASL", "href": "https://www.tenable.com/plugins/nessus/42816", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42816);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"SuSE 10 Security Update : kdegraphics3-pdf (ZYPP Patch Number 6653)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in the\npdftops filter when printing such a document. CVE-2009-3608: CVSS v2\nBase Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3608.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3609.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6653.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"kdegraphics3-pdf-3.5.1-23.26.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"kdegraphics3-pdf-3.5.1-23.26.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:04:32", "description": "Specially crafted PDF files could cause buffer overflows in the\npdftops filter when printing such a document. CVE-2009-3608: CVSS v2\nBase Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.", "edition": 23, "published": "2009-11-16T00:00:00", "title": "openSUSE Security Update : kdegraphics3-pdf (kdegraphics3-pdf-1536)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2009-11-16T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:kdegraphics3-pdf"], "id": "SUSE_11_1_KDEGRAPHICS3-PDF-091110.NASL", "href": "https://www.tenable.com/plugins/nessus/42814", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kdegraphics3-pdf-1536.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42814);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"openSUSE Security Update : kdegraphics3-pdf (kdegraphics3-pdf-1536)\");\n script_summary(english:\"Check for the kdegraphics3-pdf-1536 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in the\npdftops filter when printing such a document. CVE-2009-3608: CVSS v2\nBase Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=546404\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdegraphics3-pdf package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdegraphics3-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kdegraphics3-pdf-3.5.10-1.64.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdegraphics3-pdf\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:32:11", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3604", "CVE-2009-3609"], "description": "USN-850-1 fixed vulnerabilities in poppler. This update provides the \ncorresponding updates for Ubuntu 9.10.\n\nOriginal advisory details:\n\nIt was discovered that poppler contained multiple security issues when \nparsing malformed PDF documents. If a user or automated system were tricked \ninto opening a crafted PDF file, an attacker could cause a denial of \nservice or execute arbitrary code with privileges of the user invoking the \nprogram.", "edition": 5, "modified": "2009-11-02T00:00:00", "published": "2009-11-02T00:00:00", "id": "USN-850-3", "href": "https://ubuntu.com/security/notices/USN-850-3", "title": "poppler vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:34", "bulletinFamily": "software", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "description": "Integer overflows, race condiotions.", "edition": 1, "modified": "2009-10-28T00:00:00", "published": "2009-10-28T00:00:00", "id": "SECURITYVULNS:VULN:10333", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10333", "title": "CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1188", "CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "description": "Free pdf editing using PdfEdit. Complete editing of pdf documents is made possible with PDFedit. You can change either raw pdf objects (for advanced users) or use predefined gui functions. Functions can be easily added as everything is based on a script. ", "modified": "2010-02-20T00:11:55", "published": "2010-02-20T00:11:55", "id": "FEDORA:8FE6710FD45", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: pdfedit-0.4.3-4.fc13", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3607", "CVE-2009-3608", "CVE-2009-3609"], "description": "Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. ", "modified": "2009-10-27T07:15:39", "published": "2009-10-27T07:15:39", "id": "FEDORA:E114F10F87E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: poppler-0.10.7-3.fc11", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3607", "CVE-2009-3608", "CVE-2009-3609"], "description": "Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. ", "modified": "2009-10-27T07:05:29", "published": "2009-10-27T07:05:29", "id": "FEDORA:096CB10F88B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: poppler-0.8.7-7.fc10", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1188", "CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "description": "Free pdf editing using PdfEdit. Complete editing of pdf documents is made possible with PDFedit. You can change either raw pdf objects (for advanced users) or use predefined gui functions. Functions can be easily added as everything is based on a script. ", "modified": "2010-02-20T00:24:10", "published": "2010-02-20T00:24:10", "id": "FEDORA:44C9610F91D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: pdfedit-0.4.3-4.fc11", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1188", "CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "description": "Free pdf editing using PdfEdit. Complete editing of pdf documents is made possible with PDFedit. You can change either raw pdf objects (for advanced users) or use predefined gui functions. Functions can be easily added as everything is based on a script. ", "modified": "2010-02-20T00:25:46", "published": "2010-02-20T00:25:46", "id": "FEDORA:002871104A0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: pdfedit-0.4.3-4.fc12", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2019-05-30T07:37:02", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "description": "New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/poppler-0.10.7-i486-2_slack13.0.txz: Rebuilt.\n This updated package includes patches based on xpdf 3.02pl4.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/poppler-0.6.2-i486-2_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/poppler-0.6.4-i486-2_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/poppler-0.8.5-i486-3_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/poppler-0.10.7-i486-2_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/poppler-0.10.7-x86_64-2_slack13.0.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-0.12.1-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-data-0.3.0-noarch-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-0.12.1-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-data-0.3.0-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\nb084a88ec1c9e5f1402fccb897040576 poppler-0.6.2-i486-2_slack12.0.tgz\n\nSlackware 12.1 package:\n090431253d54585f5aa4276521c4ba7e poppler-0.6.4-i486-2_slack12.1.tgz\n\nSlackware 12.2 package:\nf68a76fa4c24a6d2c201734a30d66008 poppler-0.8.5-i486-3_slack12.2.tgz\n\nSlackware 13.0 package:\nb107cf8a1b87cf068567a7523b2ed095 poppler-0.10.7-i486-2_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n00db7f2b403b75c41e9845af9fb5acf9 poppler-0.10.7-x86_64-2_slack13.0.txz\n\nSlackware -current packages:\n44884e2ac09419ef8d3da49b2e754ee8 poppler-0.12.1-i486-1.txz\n6eb0574ab09269d8789c4b64a56d6692 poppler-data-0.3.0-noarch-1.txz\n\nSlackware x86_64 -current packages:\nc90a9e6dfa090c0098ca45e5e14f0892 poppler-0.12.1-x86_64-1.txz\n28ac087f83577b39cbed515e501ee447 poppler-data-0.3.0-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg poppler-0.10.7-i486-2_slack13.0.txz", "modified": "2009-10-28T23:28:23", "published": "2009-10-28T23:28:23", "id": "SSA-2009-302-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.518348", "type": "slackware", "title": "poppler", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T07:37:27", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/xpdf-3.02pl4-i486-1_slack13.0.tgz: Upgraded.\n This update fixes several security issues that could lead to an\n application crash, or execution of arbitrary code.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xpdf-3.02pl4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/xpdf-3.02pl4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/xpdf-3.02pl4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 9.1 package:\nfd58cae84772ed2c03ca720b0a71ef49 xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n37cf2a9f5c02b6585d622374cd9a8756 xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\na3e2b22532f7a0190782590ee5310b4b xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n78d27cc6c8a33f21d7e5f21d90aa0c43 xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\nda0134b674360e0509689ad68877a21c xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\ne3a10ebf3f499882a8a364963d6287f9 xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n83b8a9b89877987c65f9c1bf3a01b321 xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nddfd41747e7f76e20a8a39911d0080ac xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n4e42d51c18a7e354e961857096e09140 xpdf-3.02pl4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n977dfd83fdb4c1af3d68ffa12c882424 xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nSlackware -current package:\n3c756246f0db86bea9f9f127f1461e8f xpdf-3.02pl4-i486-1.txz\n\nSlackware x86_64 -current package:\nf8f257349bad0cdf7d0bada5654b0190 xpdf-3.02pl4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg xpdf-3.02pl4-i486-1_slack13.0.txz", "modified": "2009-10-28T23:28:02", "published": "2009-10-28T23:28:02", "id": "SSA-2009-302-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854", "type": "slackware", "title": "xpdf", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:27:01", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-2028-1 security@debian.org\nhttp://www.debian.org/security/ Luciano Bello\nApril 5th, 2010 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xpdf\nVulnerability : multiple\nProblem type : local (remote)\nDebian-specific: no\nDebian bug : 551287\nCVE ID : CVE-2009-1188 CVE-2009-3603 CVE-2009-3604 CVE-2009-3606\n CVE-2009-3608 CVE-2009-3609\n\nSeveral vulnerabilities have been identified in xpdf, a suite of tools for\nviewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2009-1188 and CVE-2009-3603\n\n Integer overflow in SplashBitmap::SplashBitmap which might allow remote\n attackers to execute arbitrary code or an application crash via a crafted\n PDF document.\n\nCVE-2009-3604\n\n NULL pointer dereference or heap-based buffer overflow in\n Splash::drawImage which might allow remote attackers to cause a denial\n of service (application crash) or possibly execute arbitrary code via\n a crafted PDF document.\n\nCVE-2009-3606\n\n Integer overflow in the PSOutputDev::doImageL1Sep which might allow\n remote attackers to execute arbitrary code via a crafted PDF document.\n\nCVE-2009-3608\n\n Integer overflow in the ObjectStream::ObjectStream which might allow \n remote attackers to execute arbitrary code via a crafted PDF document.\n\nCVE-2009-3609\n\n Integer overflow in the ImageStream::ImageStream which might allow \n remote attackers to cause a denial of service via a crafted PDF\n document.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.02-1.4+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.02-2.\n\n\nUpgrade instructions\n- ---------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz\n Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny2.diff.gz\n Size/MD5 checksum: 44597 d25be5fd97c9d9171db95025b7c32c5a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny2.dsc\n Size/MD5 checksum: 1274 6cffe3ed50825b5a2746b71c4bd073ac\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny2_all.deb\n Size/MD5 checksum: 1270 6a4da9738ca93522b57cafadb598ca65\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny2_all.deb\n Size/MD5 checksum: 66414 24f28ede9dcaeeb2b7aa24b9603496be\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_alpha.deb\n Size/MD5 checksum: 1019484 8d91cca64026c90667b2d29a94190892\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_alpha.deb\n Size/MD5 checksum: 1895246 cf7dc335f3e5987577ad3559a44f0666\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_amd64.deb\n Size/MD5 checksum: 922594 1ce29c4e15fe4600f557e8d055f5b203\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_amd64.deb\n Size/MD5 checksum: 1709600 989f4f4a09b07c4d08d4b69456e6e8bd\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_arm.deb\n Size/MD5 checksum: 907674 b058407dae72e49939662466b3e3d139\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_arm.deb\n Size/MD5 checksum: 1667592 ebd3ae168496645940066041e51c0e32\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_armel.deb\n Size/MD5 checksum: 1603124 4f79ec52afae68ee081ee2073180878e\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_armel.deb\n Size/MD5 checksum: 886136 38594fe36b0a657a3d91ba2ec7fd74ac\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_hppa.deb\n Size/MD5 checksum: 1076874 054d6b1dee7af918c16a4d30e6a8edf1\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_hppa.deb\n Size/MD5 checksum: 1986502 e895007daa18a3aecb13d84b832799e0\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_i386.deb\n Size/MD5 checksum: 1611516 c73e47d9c96298940bd458c7e8879209\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_i386.deb\n Size/MD5 checksum: 876446 c6e9ebb6d5873552e886e33d92aa4f49\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_ia64.deb\n Size/MD5 checksum: 1379452 9534f82bd859fe271a7013a9bc5a3502\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_ia64.deb\n Size/MD5 checksum: 2518368 a79b724d1f0624272cdd991ea24a5123\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_powerpc.deb\n Size/MD5 checksum: 969642 e30c3db71091c2e541bfd6d59716e83e\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_powerpc.deb\n Size/MD5 checksum: 1789344 a2211808b5cb72323794021645a86219\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_s390.deb\n Size/MD5 checksum: 1599976 4e80942805965de01fc5e55a80d56fdd\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_s390.deb\n Size/MD5 checksum: 872780 d0a544f22acb33fe4736722b57099200\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_sparc.deb\n Size/MD5 checksum: 1586464 6dfc41a2556f6b7f040fc0fd4e302906\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_sparc.deb\n Size/MD5 checksum: 864188 7e473a78134f7209dd729cf5471a5463\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2010-04-05T15:24:30", "published": "2010-04-05T15:24:30", "id": "DEBIAN:DSA-2028-1:2EE25", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00068.html", "title": "[SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:13:08", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2050-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 24, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : kdegraphics\nVulnerability : several\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2009-1188 CVE-2009-3603 CVE-2009-3604 CVE-2009-3606 CVE-2009-3608 CVE-2009-3609\n\nSeveral local vulnerabilities have been discovered in KPDF, a PDF viewer\nfor KDE, which allow the execution of arbitrary code or denial of \nservice if a user is tricked into opening a crafted PDF document.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4:3.5.9-3+lenny3.\n\nThe unstable distribution (sid) no longer contains kpdf. It's replacement,\nOkular, links against the poppler PDF library.\n\nWe recommend that you upgrade your kdegraphics packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny3.diff.gz\n Size/MD5 checksum: 331735 eb19c67b63df9bea8113c6ce0570f99b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny3.dsc\n Size/MD5 checksum: 2100 4332314f48c3583068f8a4144d4c1e4d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9.orig.tar.gz\n Size/MD5 checksum: 9058343 d66472f22db2dc5b706ed4f52d9b16f5\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny3_all.deb\n Size/MD5 checksum: 14088 db2f2157980256b214726dd8d285cf9c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.9-3+lenny3_all.deb\n Size/MD5 checksum: 146838 f3b12df069df5e721bbae57fe4a0fb10\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 1426340 d87a0e5f0442b7fc64dc31d27be094b2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 507416 f4b8e0f7d541a103209d9e78aad3019c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 2414178 164a5f542ca883185f83b28ce96a8215\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 331616 495d561d9ad550890dbac900c114aa8d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 62098 0147890917b354e67765f26f70515690\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 147112 b10356b326bd4b40ca61edbeac8a2367\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 1136886 6fb9148b54b3227df55204c5f278f6a7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 252536 39ea86786322108507e7517595d5f315\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 110180 3051edb3012f0959eaa99356234ecefd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 445578 fe3a6bce17c1aebc0d6b13ff18cc3e9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 547246 8a6cd8c49cfe527f3e7ab27294d8895d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 113248 4cffc9361cd05d4bc35af2173a0bec36\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 772790 e8eff7f950f54450e2f0e6cbbdd8d34a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 902622 42ab9a2b41f0288cfb9fef469b9a3194\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 13916 aade82b188cec70d7ad505291c73f258\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 77740 05db5a4ae080528ea3a07ccd1114e6d6\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 152308 495305953a72a3296eca760b562ccba8\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 173962 10a70f8016dba32e295e011ae6ccc4be\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 253144 25d936fb5b3045f89b4d5af9d92e286f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 34270914 41a064d04087322673f37b6e3494c25b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 191444 e4eb8865295b49a1cb7685e390a458d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 94560 ae359561ed746dff52f5cdbed7542a55\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 950404 dfd473f83b31221fd2e6cc7e3f15dc0b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 94732 ea771eccd96a22da001c7afc3029694e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 106804 6dc76fbea4a2777f2d6a1b4201dd36f7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 547424 3b67512672959ef69614961ff3c799ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 143804 9ed1c36cb3af3ef47a2cf01b146f45e9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 65120 e41678b500fd7c44b9a07e3d1de11876\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 430820 ba26f24a85da494507d4138647957e68\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 97346 4756890cb70b2b3cf7a88637567e1de8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 242858 002b74650ae339cf5018d116bf89711e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 291218 048c96dee800bf45aa572cb7fd750217\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 900856 fa42d6ec515e66f6f7b61901c008cc35\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 249424 9d08b1fc0a7bab9bec63d8cd8905f270\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 112844 6dfcc9dd87d256a027de232b46e06ca3\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 172410 6d6d3c1573740d33cd0d223c61b5948f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 145934 9fcbea2c9809d9ec7f858232897aea40\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 77136 82f1a5939542be1fe346e9c1ae62cdbc\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 13914 18aad801ef60765b96a13458a2e4620e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 866160 1847d9588c0f0f34bbf54c0d3ba409ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 2353108 ceff80335b6d2b3c65046de3de0ab816\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 775622 270ecedc148e04a2bbab35ad54c5b6f7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 498616 85a183c7bb09c89c3d7609175bf5d441\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 91636 38ab3eedf1b9708ebd2c5c0bd7d7d851\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 1108444 36ad344421a7296169f681b3fceac04c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 1259516 b2b4cd142ab0904b1907a42a61a75389\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 25784708 feefc05bded568ef7ba422014f140e02\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 183798 c8b5638afc58436d3266a67137d7b065\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 228006 e6b2b583dd58c96fc3c6951212188ed9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 163570 8a531ab84e4b7983b5a9e1486ceba3cf\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 124136 a326f6d76e7a039a80c714414f975b15\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 137916 cf5e01c7cf65a7a1e051635e5b26d068\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 1224806 b624c1277645f9b1d2a02215f299d45a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 218408 9b39055fc49190e95ba36c2b518340fe\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 394228 62700492c67e49e4fa22a782d1264dc5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 97866 f9baa79080054ed57b02f25ecdce88cb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 746668 41a7dd17eaada953ab75a251f053d6ef\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 2150916 af5c3a49a6f259b87f1714a66d4bf357\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 1043808 61ca6bbc2630542a1fdda00b0eb66eb2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 754498 337c09c10421c1587c3dcb6200996bd9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 71072 8e3dceacf2cf3e118ec7a42b4d30a4c1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 103046 614a5d2001e6c5f245879b2469c0b0da\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 13932 d95477f17c81a2e2556958de62a17e74\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 33565280 b8a6d84a5b7a0205f5bf4e6f5bd6861b\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 162716 67ffd6ff9363a91a4054357670728338\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 94420 9ec2860c4c7389f3fd8e0599ff151c30\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 58826 56b5ca31acb8abff4d546f5fe220b64c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 481148 3a7824da66d19036ef274218b60e1065\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 252118 014aa67f4c10944d8c353972420179c4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 84214 03700b56fd39870412e69b8da76a2a31\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 526358 4566b914a86de0f0321f3df4d848ac93\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 773292 f14f206741bcc6320d33b09aa6563718\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 756128 9935099bef70e2a87edc2e59518f3e1e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 483076 ca300a0a93792fafe221be3a7e271a9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 33023016 e771626419b21cb8e07776ed4e9eabaa\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 164082 35726114623ec484847e998f3ddd2886\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 1047808 4119ac45523d2c532ced7dd0128b5548\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 803896 378537e11ed7c125546419fe57013e47\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 239992 7cf551c8c903642edf4f2433f2892563\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 2170534 fcda8df47940f0f7bf03d77533f6a68d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 71562 4ed2196a13fd1e4827b1352ef18866d6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 83598 3d608aea9ba9d344e7504c1cda805635\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 218108 6cd30a50ab8c60f29d7e2bdf59583f19\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 59526 e91ddd42b6fbad3ac474890ef9c03f54\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 98060 2082fff416b3bae15594a414d244d868\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 228118 433ceba4d9ae414f6a7447b221f83352\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 101880 24f0684ebec7eb88fae2a5afc274dd22\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 748338 8e9c15c3ad9d68695ff1f6d99e24c77c\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 125200 d2f3d96cac359767ab870033a1a31953\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 136956 697254d1bfec365023f04e89fa6f74cb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 94700 af55970146138350b93642f52ab01529\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 386450 15627611136b761ccd2f8853fba3ad6a\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 1052510 9a8ee4fe03cfa177cb51c33edb43d957\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 527914 39c57a9a1062a6dbcc84c5f9524c2230\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 13928 b5335ef22f269e12dd0f08348369161e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 166608 fc67db197ae1a47f6652958fabce2b0a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 80216 748d43b3c110ef67119097ba6784c359\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 508872 9facce46663a5687bc37d3b15ab7abcb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 26293712 781f2d43eb31c2fdc631c3208816d42f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 889278 1a5a5d246e0d87023bda8326194b15bd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 947172 df8ae806dd44dd9297004e7799bbac4c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 761122 231ea78722de96b4f76dd778eb0f44f3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 1131740 670d904f985c538a1a669c6ca36c18dc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 2470202 007739344f6728541e5928ce8089a3e9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 177428 eff81bec7180718f62a0b96554842ddf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 60602 5359c15604067dad9cb15e1a5a829cc0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 450052 dd985ad62b3ef82181e41a3a30b1d078\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 101974 93d0224a60a8ed5befc1327582ffb22c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 96266 840a68924f01f05be49c203b737e3fd7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 258502 e3b47ad95f0f4ea91bdf7480dd5f805c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 95732 a262d13eb15d210059180e4e4d4c1632\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 111118 efd649ab4a38915a916a042664a3d200\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 559210 5846e3340e515e41e6f8c3fc404ac796\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 151764 9ed6d19eb7f1a630b0bb8083c0cb9b62\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 1383406 5731831641d5be54ddeddb6a1d3e8f7b\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 13928 2452c67c9c4f14db0c598a0f00773274\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 170172 18c0af0579bdfff6b998c25b318e7611\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 253258 ee98f3dd01fde5bb3ea23b4b1098880a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 301464 7a4ae24b6c0c422d8ccce5e3918e0760\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 141096 e799d3dde0b5c75d75bda8a84facd9b2\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 25305468 d0afb18086fecb2c5dce919ef6965ba6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 1069616 a805cca067ffdf8e81153561a32b1dc0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 538470 073406d2b9cd37f068f86212a1e689e6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 844186 c6e83f1304c076620ae650de74479820\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 168506 72d32fe91101d788f2d2e2b643a39a97\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 395088 740a060f1c3061876efb10b8f254e238\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 489798 5157878e5374a32625e6ce368bc9425c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 62464 a6e7bb72a818065bc41b34effd952911\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 255652 706119a8b534fdfad8e7a690dae3a425\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 74884 fcd67e55d37a2ac328b4de1f55171c8d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 223448 d9e2fa61cdd323ce166ac7fa24246900\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 108504 3001afb3289162360e509d29e41df5b8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 760636 c77f14fb70cf2fbaa668682fd76d6257\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 236188 7870f361d063a2db96a9d329de7ec2e2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 94730 18a03aac49374ee66eeafc30854ade20\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 13922 cb6a2e0bbaefacd07c796c7f1c375fa2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 88812 e0863f6267fdb2deb1785bb3fed37188\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 1233534 bd0518695dff2525ba875bcad2a0fdf7\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 132804 cb42ed02760402a4dc18e2c9b2279077\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 99534 142c360fad179aaa488dd0f2285f7ae7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 141612 93dfff2c058d4a689b4eed9c763f9628\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 809444 2fd841c2f6e5ee7b4b924179d713e9a3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 172952 8fb5734ef86811c273a0df5313b1548b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 2255778 5f864f77d55e940021c4af96805e446b\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 300734 28572b5f25e429cade69601a76ff1af7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 216154 52a76b3234a66b0ec4167c353fc18f7f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 489262 6900076fa098cc4a3a473a39afdf356d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 818896 c317b6591aa8b735b751b2b56de6b666\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 616778 96718d2fc084d85bba0ea676003a0561\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1256712 99342a24712959cfc06e3614a5c110da\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 2751012 bbabd6a6fe07f829f821cc9adbf97ed8\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 13914 fb88c5497cb421ecaa82371e1e011aaf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 25367580 8003a413174da9946d2b45cdff8cc2b9\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1493524 f64f460a808dfb47828cdb3eed314174\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 159492 3e76cd4dda7a001d21b998336a4e5b72\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 124712 185a56028d05a218643527c25fc7ab05\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 532554 b54af5bd4f353df81e2cef561897b945\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 383596 ba1a7efafff3bcb57bb9bd3c5f362579\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1210936 903d7375c01bd62e6d91f104dcb9cb27\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 67212 7470482b67b4679a1f02b374d8f39a43\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 90000 48e7852ea6055c88abc3fc68b905898b\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 182514 721658519b55391f789e0057a4f51aa5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1171260 388964d72829c1561ee9887219bc2a53\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 294698 ef4fdae8a7ce517abc72e3bc417623b5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 124710 e7a30554d63fed42fcaa9570edf5e3de\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 94724 2031c6a209c1b82f3e28c1681c4df53f\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 178956 ad4ae800a1c463d396b333b3455e3a9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 112226 3429ba0494a3e135836f3047216ca51d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 205776 09a46f2b1a4696265925d96289d2c954\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 2117250 98e129ed50e7281949e1ba948ce4ff2e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 828192 cf30f9dc8b4e609a78aa7276565d979c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 177358 800ec95a1f9727446ced1d62ebbb84fc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 58732 461888ae1b72cf500d676210685cccf1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 1110366 b1a05b819bc495b97054e15f2edb1559\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 757664 a67e42c3de1b75330b51c253ffa4af11\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 749642 be99a70083200d9b9e433fc88f127b97\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 222920 5eb577b72cccbad24d386f2ae8abd751\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 104356 a8484cd92d25f83fd018da03a9af2111\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 96108 78bb36ba0b0959a7a47a8e4f8a1c1db7\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 124162 df9b74240fbc5797cc8d358e765c6f96\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 100896 844150a4b067c172f4208a2992fde366\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 169228 aaab39bcb4bc593936d3e96a2da3dd0e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 391840 f8e576b38fe0edfa81e8f0f12c6c3c40\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 13922 52613b650ea8f510a072389d1e6e2220\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 519360 6cd3f3b8589467ff3bb9f648e5da1aa8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 83680 88d89a64940b4e70db9e2765ed396b87\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 249938 142be89615e0311d75cc157bd6abe27e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 71352 c2be77da86c2ca24a2d1ce812c913519\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 26712818 d4cf9db64a7dea043cccbdd7c2338d1c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 481564 d6f7072988b2e26f6e44f736dfb34cae\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 1090892 674d351fbb74c4addb57efe0c4b1b50d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 139708 96df043f4cb00dc3385c5b2733eceb9c\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 138988 deed7cd133c26da5fa0e8975a36f2a2c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 814156 7b59e58e6fcba2db91731d7424a5d2fe\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 169024 251efa6334a9479e341210a63eb5a9d7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 391628 691e88c43cfa33648a150ba0f7b51318\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 746272 901f4bb96254f028558061a8e6ae99d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 242124 3f8dca1ad2d544cf0ab2b63cf00a5db8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 2100336 a8f21b235703e1e92d9bb83fac1dace6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 755876 f1e43e33b508a77b21c0d51e50a2b2ba\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 479862 17992b21234ff40bf3e25ff91d10c0a7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 59034 6ad334aeffa4cbc9635c2912d7b7ee0b\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 13922 c8dfe29856ed40bf2b57ccbc7ff08d98\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 205010 6b34688e005428619dc0ceed6b6be703\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 103284 f676581b6a6db54b24667fdb29a56454\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 100296 f5cce08919fa5a94f603794eb0a36d53\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 71362 38371caca25c52c091992f796da7b51d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 176302 910a27cde9019f095068766fc3296ca9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 97524 84aaf7ae11d3a1be931a99da495f28c3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 1107428 d346ffe2d0a303e20e8f16a5b73f70ef\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 220448 e8146f56e60adfa8849f8329dfbab80b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 82704 48a228b6a59863b53e80ec825cb3d903\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 1062550 59fcbdc2507945518c305a2d985e3334\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 519062 9692d6e7b5d1a98827b6b81615ffe932\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 122546 1151088c9f0c762a4dec0120520e8150\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 25692790 c9b6109cdb94a6d90672a2e891ebf832\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 1326840 2ec2c1bc990e9abb0beaa989bf9849a4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 109436 181b899bbe98330085eeced5a11633e1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 860656 582e17ddfe8d9647028fba69b945ec2e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 774376 4b53e3fa1b57c3966ab8ace673c268d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 247376 3622102eeda4ee767f05fa4ee440d59e\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 13936 0d81e4e73c0860a3877d3a55e9e308bb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 97582 f03575a8469d475023db47245ac50e7f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 116366 c94b0bef5fc28320865285672ea9a0a3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 245298 2a7df1900254fc78bb742a33562c5712\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 148348 eb643db9dc6e17086664c67394243471\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 890752 bb6cafe840e0022bbc5419221e8f8dd3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 499926 7413160bcf426330e9ac0bdf6223dcd9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 323888 43a4cd576987d24525fadd341534d053\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 443654 6a3b824bf504721f9a462db5f36e62b0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 552440 fcedbf86323870aeccb2311432486284\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 78502 bb5d15473e4bddc5c020f62266d6c223\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 176116 95a98f65b4131520e321dd3be8eae84a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 93034 4da9b131a970874d879b2ea3cadd7c82\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 66942 628e0162dc9951b812d28959169a97d4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 2377750 9363d4702e54dc7b1cc0eb98c23a9804\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 184490 19bbca7e884974c51439ae1f0907478d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 1080540 4925b6a37016999440472e87b2d3af25\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 26525076 ea014f1f8e624fbf0a63a284d2ded8d8\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 139332 def9b6e887a7a5ab3492b985dfe2d300\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 183988 f04cfbaaca7f4317150edffd71a795d4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 2316688 eb9f3a10aa750d176665ec64b7fb1975\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 93972 16f29eed06a38662e8a0e5d35f94e6d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 63676 c7ff6674bbdd0e19cfafddae89dcd76e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 776262 2f1f108a6dc99c57b9db080322173998\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 877924 99207a423ccf38a16de2312c47efff56\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 145326 d14d6ec17a5177fdb70ddf382406d25b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 113560 652e8c2382c6419651b532bb746d6f4c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 248288 68116fb1c73010b87c05a7fc729c46b2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 546010 a11225131898df3980569ce7d0ad6493\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 271090 07fd7e322a0301d174e7e8cc74bb1ae9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 148066 cb59103e1a0c8894ba3b4e79e979a02a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 1107864 793edc1e18ff854fb72b0b54cba837dc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 75694 d460eb28b1da9f70727e1afa02f40130\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 1202704 1b724a5bfb81efe390f8f32801334247\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 425296 1ed8693d5850bbd5e718de471115e8b6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 251648 790623c5975aa371951a77abffc6c0af\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 175008 ac480a8d523348402ed12b5a05e26a78\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 901670 9f6bba612b930b803efc3b30205fa69a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 94710 f89101f200e02f41c975197015a62a62\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 13908 87f5a8d4bc8f7fb2cfaede6a7fd7636c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 26230158 243106eb0ff6d5143e72a906f71f1e0d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 106678 903215e0f5961022d0274159c73ff781\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 502252 c32a67de593ae40ef976e70d816b9db5\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 73782 c3373e10c33cb6d8eb835d0ab2bd6168\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 487858 4b188d0fd44e4ecb6d73a1d9a739df0c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 25143248 80e94dabb0bd55d853fb11f72ca3a26f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 173284 047191e44bf1c139478a13be439e8e48\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 97534 90632cc999a0f1a7818e619526c62f80\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 761544 23517d232d0bc88c1fed39a7ead3a110\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 391918 d1bd48368c79584497016e1ea6e329a5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 105564 ffa5616368ebe6467c49afcc12541f03\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 791268 b1522eccd589de130f73287680f16ee3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 538886 406e86dae5b7b7bf2a591e9cf677370e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 836104 45bfacb504372cf839c609aa6af188af\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 251682 204e2da3dde0abef4ad8c14e48374e22\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 129798 83eaf19c002d9ede83c22548bb1d566f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 83272 add6bc2a75f9459935fa41228f7bce5a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 1056214 66ee7780c5da923addfffdb057f5bdae\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 231460 cb2d4fb77e59641cc04e8adca395764e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 2297940 33556e52b1771341d8f3ded7a19b0425\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 142754 40d4de6b757a6122d545071870140a74\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 62848 46bf3794ee54db7d849006cf93b5038f\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 13922 3b6176766ea4096ab88aa043887f3cdf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 217532 15b4ab27963da68893cb1060b2af7b29\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 169422 547a9d38543607bcca665f5066bf4e8c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 1290452 e45c8ad225b31f327a64c5da05aed69a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 99542 2b8d74e5759e17161a54260997385ac2\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2010-05-24T15:38:55", "published": "2010-05-24T15:38:55", "id": "DEBIAN:DSA-2050-1:A72F5", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00092.html", "title": "[SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
