office/evince
office/evince
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/evince synced 2024-06-28 13:44:46 +00:00
Code Issues Projects Releases Wiki Activity
gnome-46
evince/NEWS-security.md
Germán Poo-Caamaño db2697e978 NEWS: Add CVE numbers close their release notes 
Some bug fixes did not happen to have a CVE number in the NEWS file.

Added also NEWS-security.md to aggregate the security fixes in Evince
across branches.  For example, CVE-2017-1000083 affected only until
version 3.24, which was already branched. Therefore, it does not
appear in the NEWS file from master. Sometimes, people want to have
a quick look if CVE are fixed in a product. By adding this file, we
hope we can cope with that need.

Fixes #864
2018-08-01 16:03:51 -04:00

558 B
Raw Permalink Blame History

Security fixes

  • Evince 3.24.1

    • Remove support for tar and tar-like commands in commics backend (#784630). CVE-2017-1000083. (Bastien Nocera)

  • Evince 3.21.92

    • Fix a crash when processing button events in EvView (#769700) CVE-2013-3718. (Marek Kasik)

  • Evince 2.91.5

    • Fix several security issues in dvi backend. CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643. (José Aliste)

  • Evince 0.7.0

    • Buffer overflow in PS backend (#380191). CVE-2006-5864. (Carlos Garcia Campos)