[Secure-testing-commits] r50408 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Apr 6 14:58:35 UTC 2017
Author: hertzog
Date: 2017-04-06 14:58:35 +0000 (Thu, 06 Apr 2017)
New Revision: 50408
Modified:
data/CVE/list
Log:
Mark CVE-2016-10217 as not affecting jessie and wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-06 12:45:57 UTC (rev 50407)
+++ data/CVE/list 2017-04-06 14:58:35 UTC (rev 50408)
@@ -4516,8 +4516,11 @@
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697444
CVE-2016-10217 (The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. ...)
- ghostscript <unfixed> (bug #859662)
+ [jessie] - ghostscript <not-affected> (Unreproducible in jessie)
+ [wheezy] - ghostscript <not-affected> (Unreproducible in wheezy)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=90fd0c7ca3efc1ddff64a86f4104b13b3ac969eb
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697456
+ NOTE: I can reproduce the issue in stretch/sid with valgrind (ghostscript 9.20~dfsg-3) but not in wheezy and not in jessie -- Raphael Hertzog
CVE-2016-10216 (An issue was discovered in IT ITems DataBase (ITDB) through 1.23. The ...)
NOT-FOR-US: IT ITems DataBase
CVE-2016-10215 (An issue was discovered in Fastspot BigTree bigtree-form-builder before ...)
More information about the Secure-testing-commits
mailing list