Date: prev next · Thread: first prev next last
2016 Archives by date, by thread · List index


On 07.10.2016 13:54, Khaled Hosny wrote:
On Fri, Oct 07, 2016 at 01:00:05PM +0200, Michael Stahl wrote:
On 05.10.2016 23:50, Larry Evans wrote:
On 10/05/2016 03:07 PM, Michael Stahl wrote:
On 05.10.2016 17:24, Michael Meeks wrote:

actually the separate process is a potential security advantage, if we
would only realize that and sandbox it properly - C++ based PDF readers
tend to accumulate quite some CVEs...
[snip]
CVE = Common Vulnerabilities and Exposures?:
   https://cve.mitre.org/about/

yes, now look here
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=xpdf

PDFium (Chrome’s embedded PDF reader), is not much better either:
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdfium

ok that looks pretty bad, but then what can you expect from C++... did
anybody write a PDF library in Rust yet?  that would be the one i'd want
to use :)


Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.