diff options
| author | Sebul <sebuls@gmail.com> | 2020-02-15 20:11:23 +0900 |
|---|---|---|
| committer | Sebul <sebuls@gmail.com> | 2020-02-15 20:11:23 +0900 |
| commit | 353977cfe098ab38f90f36622a018f6e26fd4583 (patch) | |
| tree | ff888415ecbdbff4a8a16754d13dfa80163f31c7 | |
| parent | f3738f89ecc8150eaa9f9650c39fe16d94913fb7 (diff) | |
evince
| -rw-r--r-- | korean/security/2020/dsa-4624.wml | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/korean/security/2020/dsa-4624.wml b/korean/security/2020/dsa-4624.wml new file mode 100644 index 00000000000..3b3e389da15 --- /dev/null +++ b/korean/security/2020/dsa-4624.wml @@ -0,0 +1,43 @@ +#use wml::debian::translation-check translation="8be684d647389ee3db99d941206fa9b5cbef2621" maintainer="Sebul" +<define-tag description>보안 업데이트</define-tag> +<define-tag moreinfo> +<p>여러 취약점을 evince에서 발견했습니다.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000159">CVE-2017-1000159</a> + + <p>Tobias Mueller reported that the DVI exporter in evince is + susceptible to a command injection vulnerability via specially + crafted filenames.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-11459">CVE-2019-11459</a> + + <p>Andy Nguyen reported that the tiff_document_render() and + tiff_document_get_thumbnail() functions in the TIFF document backend + did not handle errors from TIFFReadRGBAImageOriented(), leading to + disclosure of uninitialized memory when processing TIFF image files.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-1010006">CVE-2019-1010006</a> + + <p>A buffer overflow vulnerability in the tiff backend could lead to + denial of service, or potentially the execution of arbitrary code if + a specially crafted PDF file is opened.</p></li> + +</ul> + +<p>For the oldstable distribution (stretch), these problems have been fixed +in version 3.22.1-3+deb9u2.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 3.30.2-3+deb10u1. The stable distribution is only affected by +<a href="https://security-tracker.debian.org/tracker/CVE-2019-11459">CVE-2019-11459</a>.</p> + +<p>evince 패키지를 업그레이드 하는 게 좋음.</p> + +<p>evince의 자세한 보안 상태는 보안 추적 페이지 참조: +<a href="https://security-tracker.debian.org/tracker/evince">https://security-tracker.debian.org/tracker/evince</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4624.data" |