| Release | Version |
|---|---|
| jessie | 1.3.6p1-5+deb8u1 |
| stretch | 1.7.6+dfsg1-5+deb9u1 |
| buster | 1.9.0-5 |
| bullseye | 1.10.0-6+deb11u1 |
| bookworm | 1.11.0-3 |
| trixie | 1.13.0-6 |
| sid | 1.13.0-6 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-52389 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow a ... |
| Bug | Description |
|---|---|
| CVE-2017-1000472 | The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO ... |
| CVE-2014-0350 | The Poco::Net::X509Certificate::verify method in the NetSSL library in ... |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... |
| CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... |
| DSA / DLA | Description |
|---|---|
| DSA-4083-1 | poco - security update |
| DLA-1239-1 | poco - security update |