[Secure-testing-commits] r51144 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Apr 28 09:20:55 UTC 2017 

Author: carnil
Date: 2017-04-28 09:20:55 +0000 (Fri, 28 Apr 2017)
New Revision: 51144

Modified:
   data/CVE/list
Log:
Add fixed version for ghostscript upload to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-28 09:20:45 UTC (rev 51143)
+++ data/CVE/list	2017-04-28 09:20:55 UTC (rev 51144)
@@ -44,7 +44,7 @@
 	- libressl <itp> (bug #754513)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/04/27/11
 CVE-2017-8291 (Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and ...)
-	- ghostscript <unfixed> (bug #861295)
+	- ghostscript 9.20~dfsg-3.1 (bug #861295)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate of 697799)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697799 (made private)
 	NOTE: Full report viewable at: https://bugzilla.suse.com/show_bug.cgi?id=1036453
@@ -6603,7 +6603,7 @@
 	RESERVED
 CVE-2017-5951 (The mem_get_bits_rectangle function in base/gdevmem.c in Artifex ...)
 	{DLA-905-1}
-	- ghostscript <unfixed> (bug #859696)
+	- ghostscript 9.20~dfsg-3.1 (bug #859696)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697548
 	NOTE: Fixed by: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
 CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) ...)
@@ -6641,12 +6641,12 @@
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697400
 CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in Artifex ...)
 	{DLA-905-1}
-	- ghostscript <unfixed> (bug #859694)
+	- ghostscript 9.20~dfsg-3.1 (bug #859694)
 	NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697450
 CVE-2016-10219 (The intersect function in base/gxfill.c in Artifex Software, Inc. ...)
 	{DLA-905-1}
-	- ghostscript <unfixed> (bug #859666)
+	- ghostscript 9.20~dfsg-3.1 (bug #859666)
 	NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?4bef1a1d32e29b68855616020dbff574b9cda08f
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697453
 CVE-2016-10218 (The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF ...)
@@ -6655,7 +6655,7 @@
 	NOTE: Introduced by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=47294ff5b168d25bfc7db64f51572d64b8ebde91
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697444
 CVE-2016-10217 (The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. ...)
-	- ghostscript <unfixed> (bug #859662)
+	- ghostscript 9.20~dfsg-3.1 (bug #859662)
 	[jessie] - ghostscript <not-affected> (pdf14_cleanup_parent_color_profiles not yet present)
 	[wheezy] - ghostscript <not-affected> (pdf14_cleanup_parent_color_profiles not yet present)
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=90fd0c7ca3efc1ddff64a86f4104b13b3ac969eb

More information about the Secure-testing-commits mailing list