[Secure-testing-commits] r54555 - data/CVE
Hugo Lefeuvre
hle at moszumanska.debian.org
Thu Aug 10 17:03:32 UTC 2017
Author: hle
Date: 2017-08-10 17:03:32 +0000 (Thu, 10 Aug 2017)
New Revision: 54555
Modified:
data/CVE/list
Log:
mupdf not affected by CVE-2016-10246, CVE-2016-10247 and CVE-2017-6060 in wheezy: Vulnerable code not present (present since 1.4)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-10 16:54:57 UTC (rev 54554)
+++ data/CVE/list 2017-08-10 17:03:32 UTC (rev 54555)
@@ -16822,11 +16822,13 @@
NOTE: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in ...)
- mupdf <unfixed> (unimportant)
+ [wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
NOTE: it is not included in the produced binary packages
NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/19
CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in Mujstest in ...)
- mupdf <unfixed> (unimportant)
+ [wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
NOTE: it is not included in the produced binary packages
NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/20
@@ -19026,6 +19028,7 @@
NOT-FOR-US: SAP
CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in Artifex ...)
- mupdf <unfixed> (unimportant)
+ [wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
NOTE: it is not included in the produced binary packages
NOTE: http://www.openwall.com/lists/oss-security/2017/02/18/1
More information about the Secure-testing-commits
mailing list