[Secure-testing-commits] r55202 - data/CVE
Emilio Pozuelo Monfort
pochu at moszumanska.debian.org
Tue Aug 29 17:08:29 UTC 2017
Author: pochu
Date: 2017-08-29 17:08:29 +0000 (Tue, 29 Aug 2017)
New Revision: 55202
Modified:
data/CVE/list
Log:
poppler uploaded to sid
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-29 17:04:20 UTC (rev 55201)
+++ data/CVE/list 2017-08-29 17:08:29 UTC (rev 55202)
@@ -8912,8 +8912,7 @@
CVE-2017-9866
RESERVED
CVE-2017-9865 (The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 ...)
- [experimental] - poppler 0.57.0-1
- - poppler <unfixed> (bug #867477)
+ - poppler 0.57.0-2 (bug #867477)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100774
NOTE: http://somevulnsofadlab.blogspot.com/2017/06/popplerstack-buffer-overflow-in.html
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=75fff6556eaf0ef3a6fcdef2c2229d0b6d1c58d9
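Review bot: The new sid line for CVE-2017-9865 records 0.57.0-2 as the fixed version, while the removed `[experimental] - poppler 0.57.0-1` line shows the fix was already present in 0.57.0-1. That is fine if 0.57.0-1 never entered sid, but please confirm it, because any version comparison against this entry will now treat 0.57.0-1 as vulnerable.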
@@ -10522,13 +10521,11 @@
CVE-2017-9777
RESERVED
CVE-2017-9776 (Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in ...)
- [experimental] - poppler 0.57.0-1
- - poppler <unfixed> (bug #865679)
+ - poppler 0.57.0-2 (bug #865679)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101541
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc
CVE-2017-9775 (Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before ...)
- [experimental] - poppler 0.57.0-1
- - poppler <unfixed> (bug #865680)
+ - poppler 0.57.0-2 (bug #865680)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101540
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=8f4ff8243a3d599ff2a6c08b1da389e606ba4fc9
CVE-2017-9774 (Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a ...)
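Review bot: Neither CVE-2017-9776 nor CVE-2017-9775 in this hunk has a `[stretch]` or `[jessie]` line, so once sid is marked fixed at 0.57.0-2 these heap and stack overflow entries still have no recorded decision for the stable releases. The CVE-2017-9408 entry further down shows the form to follow; suggest a follow-up commit that adds either a fixed version or an explicit `<no-dsa>` with a reason for each release.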
@@ -11710,8 +11707,7 @@
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/458
CVE-2017-9408 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
- [experimental] - poppler 0.57.0-1
- - poppler <unfixed> (low; bug #864009)
+ - poppler 0.57.0-2 (low; bug #864009)
[stretch] - poppler <no-dsa> (Minor issue)
[jessie] - poppler <no-dsa> (Minor issue)
[wheezy] - poppler <not-affected> (Vulnerable code not present)
@@ -11723,8 +11719,7 @@
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/459
CVE-2017-9406 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
- [experimental] - poppler 0.57.0-1
- - poppler <unfixed> (low; bug #864010)
+ - poppler 0.57.0-2 (low; bug #864010)
[stretch] - poppler <no-dsa> (Minor issue)
[jessie] - poppler <no-dsa> (Minor issue)
[wheezy] - poppler <not-affected> (Vulnerable code not present)
@@ -17631,8 +17626,7 @@
CVE-2017-7516
RESERVED
CVE-2017-7515 (poppler through version 0.55.0 is vulnerable to an uncontrolled ...)
- [experimental] - poppler 0.57.0-1
- - poppler <unfixed> (unimportant)
+ - poppler 0.57.0-2 (unimportant)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101208
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=771c82623e8e1e0c92b8ca6f7c2b8a81ccbb60d3
NOTE: Crash in CLI tool, no security implications
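Review bot: The commit link in the context of the CVE-2017-7515 entry (`NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=771c8262...`) lacks the `Fixed by:` label that the other poppler entries in this patch use. If that commit is the fix shipped in 0.57.0-2, label it while the entry is being touched, so the fixed version can be traced to a specific upstream change.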
@@ -17645,8 +17639,7 @@
CVE-2017-7512 (Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before ...)
NOT-FOR-US: Red Hat 3scale
CVE-2017-7511 (poppler since version 0.17.3 has been vulnerable to NULL pointer ...)
- [experimental] - poppler 0.57.0-1
- - poppler <unfixed> (unimportant; bug #863759)
+ - poppler 0.57.0-2 (unimportant; bug #863759)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101149
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101153
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a
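Review bot: The `unimportant` tag on CVE-2017-7511 is carried over to the 0.57.0-2 line without any rationale in the lines shown, whereas CVE-2017-7515 just above documents its tag with `NOTE: Crash in CLI tool, no security implications`. Suggest adding an equivalent NOTE here so the severity decision for this NULL pointer issue can be checked later.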