mirror of
https://gitlab.gnome.org/GNOME/evince
synced 2024-06-30 22:54:23 +00:00
NEWS: Add CVE numbers close their release notes
Some bug fixes did not happen to have a CVE number in the NEWS file. Added also NEWS-security.md to aggregate the security fixes in Evince across branches. For example, CVE-2017-1000083 affected only until version 3.24, which was already branched. Therefore, it does not appear in the NEWS file from master. Sometimes, people want to have a quick look if CVE are fixed in a product. By adding this file, we hope we can cope with that need. Fixes #864
This commit is contained in:
parent
76c3920aa1
commit
db2697e978
16
NEWS
16
NEWS
|
@ -380,11 +380,14 @@ Bug fixes:
|
||||||
* Fix several memory leaks (#770070 and #770069, Eric R. Schulz)
|
* Fix several memory leaks (#770070 and #770069, Eric R. Schulz)
|
||||||
* Fix scaling calculation in PostScript backend (#755776, Jason
|
* Fix scaling calculation in PostScript backend (#755776, Jason
|
||||||
Crain)
|
Crain)
|
||||||
* Fix a crash when processing button events in EvView (#769700,
|
|
||||||
Marek Kasik)
|
|
||||||
* Fix a crash when opening a copy of a document with annotation
|
* Fix a crash when opening a copy of a document with annotation
|
||||||
popup windows (#760299, Jose Aliste)
|
popup windows (#760299, Jose Aliste)
|
||||||
|
|
||||||
|
Security Fixes:
|
||||||
|
|
||||||
|
* Fix a crash when processing button events in EvView (#769700)
|
||||||
|
CVE-2013-3718. (Marek Kasik)
|
||||||
|
|
||||||
Translation updates:
|
Translation updates:
|
||||||
|
|
||||||
* David Medina (ca)
|
* David Medina (ca)
|
||||||
|
@ -2975,11 +2978,14 @@ New Features and UI Improvements:
|
||||||
Bug fixes:
|
Bug fixes:
|
||||||
|
|
||||||
* Fix return value in g_return_val_if_fail() macro (Daniel Garcia)
|
* Fix return value in g_return_val_if_fail() macro (Daniel Garcia)
|
||||||
* Fix several security issues in dvi backend: CVE-2010-2640,
|
|
||||||
CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643 (José Aliste)
|
|
||||||
* Do not use deprecated API: GdkCursor, GtkStyle, size-request
|
* Do not use deprecated API: GdkCursor, GtkStyle, size-request
|
||||||
(Carlos Garcia Campos)
|
(Carlos Garcia Campos)
|
||||||
|
|
||||||
|
Security Fixes:
|
||||||
|
|
||||||
|
* Fix several security issues in dvi backend: CVE-2010-2640,
|
||||||
|
CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643 (José Aliste)
|
||||||
|
|
||||||
Translation updates:
|
Translation updates:
|
||||||
|
|
||||||
* Khaled Hosny (ar)
|
* Khaled Hosny (ar)
|
||||||
|
@ -5214,7 +5220,7 @@ Bug Fixes:
|
||||||
|
|
||||||
Security Fixes:
|
Security Fixes:
|
||||||
|
|
||||||
* Buffer overflow in PS backend. CVE-2006-5864. (Carlos Garcia Campos)
|
* Buffer overflow in PS backend (#380191). CVE-2006-5864. (Carlos Garcia Campos)
|
||||||
|
|
||||||
Translations:
|
Translations:
|
||||||
|
|
||||||
|
|
23
NEWS-security.md
Normal file
23
NEWS-security.md
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
Security fixes
|
||||||
|
==============
|
||||||
|
|
||||||
|
* Evince 3.24.1
|
||||||
|
|
||||||
|
* Remove support for tar and tar-like commands in commics backend
|
||||||
|
(#784630). CVE-2017-1000083. (Bastien Nocera)
|
||||||
|
|
||||||
|
* Evince 3.21.92
|
||||||
|
|
||||||
|
* Fix a crash when processing button events in EvView (#769700)
|
||||||
|
CVE-2013-3718. (Marek Kasik)
|
||||||
|
|
||||||
|
* Evince 2.91.5
|
||||||
|
|
||||||
|
* Fix several security issues in dvi backend.
|
||||||
|
CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643.
|
||||||
|
(José Aliste)
|
||||||
|
|
||||||
|
* Evince 0.7.0
|
||||||
|
|
||||||
|
* Buffer overflow in PS backend (#380191).
|
||||||
|
CVE-2006-5864. (Carlos Garcia Campos)
|
Loading…
Reference in New Issue
Block a user