From 353977cfe098ab38f90f36622a018f6e26fd4583 Mon Sep 17 00:00:00 2001
From: Sebul <sebuls@gmail.com>
Date: Sat, 15 Feb 2020 20:11:23 +0900
Subject: evince

---
 korean/security/2020/dsa-4624.wml | 43 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 korean/security/2020/dsa-4624.wml

diff --git a/korean/security/2020/dsa-4624.wml b/korean/security/2020/dsa-4624.wml
new file mode 100644
index 00000000000..3b3e389da15
--- /dev/null
+++ b/korean/security/2020/dsa-4624.wml
@@ -0,0 +1,43 @@
+#use wml::debian::translation-check translation="8be684d647389ee3db99d941206fa9b5cbef2621" maintainer="Sebul"
+<define-tag description>보안 업데이트</define-tag>
+<define-tag moreinfo>
+<p>여러 취약점을 evince에서 발견했습니다.</p>
+
+<ul>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-1000159">CVE-2017-1000159</a>
+
+    <p>Tobias Mueller reported that the DVI exporter in evince is
+    susceptible to a command injection vulnerability via specially
+    crafted filenames.</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-11459">CVE-2019-11459</a>
+
+    <p>Andy Nguyen reported that the tiff_document_render() and
+    tiff_document_get_thumbnail() functions in the TIFF document backend
+    did not handle errors from TIFFReadRGBAImageOriented(), leading to
+    disclosure of uninitialized memory when processing TIFF image files.</p></li>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-1010006">CVE-2019-1010006</a>
+
+    <p>A buffer overflow vulnerability in the tiff backend could lead to
+    denial of service, or potentially the execution of arbitrary code if
+    a specially crafted PDF file is opened.</p></li>
+
+</ul>
+
+<p>For the oldstable distribution (stretch), these problems have been fixed
+in version 3.22.1-3+deb9u2.</p>
+
+<p>For the stable distribution (buster), these problems have been fixed in
+version 3.30.2-3+deb10u1. The stable distribution is only affected by
+<a href="https://security-tracker.debian.org/tracker/CVE-2019-11459">CVE-2019-11459</a>.</p>
+
+<p>evince 패키지를 업그레이드 하는 게 좋음.</p>
+
+<p>evince의 자세한 보안 상태는 보안 추적 페이지 참조:
+<a href="https://security-tracker.debian.org/tracker/evince">https://security-tracker.debian.org/tracker/evince</a></p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2020/dsa-4624.data"
-- 
cgit v1.2.3