[Secure-testing-commits] r55214 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Aug 29 21:10:14 UTC 2017
Author: sectracker
Date: 2017-08-29 21:10:14 +0000 (Tue, 29 Aug 2017)
New Revision: 55214
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-29 20:20:29 UTC (rev 55213)
+++ data/CVE/list 2017-08-29 21:10:14 UTC (rev 55214)
@@ -1,5 +1,5 @@
CVE-2017-13753 (There is a reachable assertion abort in the function JPC_NOMINALGAIN() ...)
- REJECTED
+ TODO: check
CVE-2017-13752 (There is a reachable assertion abort in the function jpc_dequantize() ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485276
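Review bot: CVE-2017-13753 at the top of this hunk goes from REJECTED to TODO: check under an "automatic update" log message, so the rejection recorded in rev 55213 is replaced by an untriaged state without any explanation. Its description names a reachable assertion abort in JPC_NOMINALGAIN(), and the next entry, CVE-2017-13752, has the same kind of description and is tracked as "- jasper <removed> (unimportant)". If both IDs concern the same code, resolve the TODO the same way, and check why REJECTED was set in the first place.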
@@ -124,8 +124,8 @@
RESERVED
CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty, as ...)
TODO: check
-CVE-2016-10503
- RESERVED
+CVE-2016-10503 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated ...)
+ TODO: check
CVE-2017-13715 (The __skb_flow_dissect function in net/core/flow_dissector.c in the ...)
- linux 4.3.1-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -258,8 +258,8 @@
RESERVED
CVE-2017-13674
RESERVED
-CVE-2017-13673
- RESERVED
+CVE-2017-13673 (The vga display update in Qemu 2.8.0 through 2.9.0 mis-calculated the ...)
+ TODO: check
CVE-2017-13672
RESERVED
CVE-2017-13671 (app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent ...)
@@ -2510,12 +2510,11 @@
- imagemagick <unfixed> (bug #872374)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/663
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e
-CVE-2017-12875
- RESERVED
+CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows ...)
+ TODO: check
CVE-2017-12866
RESERVED
-CVE-2017-12865 [stack overflow in dns proxy feature]
- RESERVED
+CVE-2017-12865 (Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and ...)
{DSA-3956-1}
- connman 1.35-1 (bug #872844)
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71 (1.35)
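Review bot: CVE-2017-12875 now carries TODO: check although its description names the WritePixelCachePixels function in ImageMagick 7.0.6-6 and the entry directly above it in this hunk is tracked as "- imagemagick <unfixed> (bug #872374)". Triage it with a "- imagemagick" package line instead of leaving a generic TODO. The CVE-2017-12865 change needs nothing further: it drops RESERVED and keeps the existing {DSA-3956-1} and "- connman 1.35-1 (bug #872844)" lines.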
@@ -2540,8 +2539,8 @@
NOTE: Fixed by: https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796
CVE-2017-12857 (Polycom SoundStation IP, VVX, and RealPresence Trio that are running ...)
NOT-FOR-US: Polycom
-CVE-2017-12856
- RESERVED
+CVE-2017-12856 (Cross-site scripting (XSS) vulnerability in C.P.Sub 5.2 allows remote ...)
+ TODO: check
CVE-2017-12854
RESERVED
CVE-2017-12874 [Incorrect signature verification]
@@ -2576,8 +2575,7 @@
RESERVED
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201705-01
-CVE-2017-12867 [Invalid token creation and validation]
- RESERVED
+CVE-2017-12867 (The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 ...)
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201708-01
CVE-2017-12855 (Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform ...)
@@ -2720,8 +2718,8 @@
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=957e1fc1c5d0262e4b2f764cf031ad1458446498
CVE-2017-12798 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the q ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12797
- RESERVED
+CVE-2017-12797 (Integer overflow in the INT123_parse_new_id3 function in the ID3 ...)
+ TODO: check
CVE-2017-12796
RESERVED
CVE-2017-12795
@@ -2809,8 +2807,8 @@
NOT-FOR-US: NexusPHP
CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12775
- RESERVED
+CVE-2017-12775 (qa-include/qa-install.php in Question2Answer before 1.7.5 allows ...)
+ TODO: check
CVE-2017-12774 (finecms in 1.9.5\controllers\member\ContentController.php allows ...)
NOT-FOR-US: FineCMS
CVE-2017-12773
@@ -2833,8 +2831,8 @@
RESERVED
CVE-2017-12764
RESERVED
-CVE-2017-12763
- RESERVED
+CVE-2017-12763 (An unspecified server utility in NoMachine before 5.3.10 on Mac OS X ...)
+ TODO: check
CVE-2017-12762 (In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied ...)
- linux <unfixed> (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/9f5af546e6acc30f075828cb58c7f09665033967 (v4.13-rc4)
@@ -3705,8 +3703,8 @@
NOTE: https://github.com/shadow-maint/shadow/commit/954e3d2e7113e9ac06632aee3c69b8d818cc8952 (4.5)
CVE-2017-12423
RESERVED
-CVE-2017-12422
- RESERVED
+CVE-2017-12422 (NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before ...)
+ TODO: check
CVE-2017-12421
RESERVED
CVE-2017-12420 (Heap-based buffer overflow in the SMB implementation in NetApp ...)
@@ -6094,8 +6092,8 @@
NOT-FOR-US: SAP
CVE-2017-11456 (Geneko GWR routers allow directory traversal sequences starting with a ...)
NOT-FOR-US: Geneko GWR routers
-CVE-2017-11455
- RESERVED
+CVE-2017-11455 (diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through ...)
+ TODO: check
CVE-2017-11454
RESERVED
CVE-2017-11453
@@ -7772,12 +7770,12 @@
RESERVED
CVE-2017-10953
RESERVED
-CVE-2017-10952
- RESERVED
-CVE-2017-10951
- RESERVED
-CVE-2017-10950
- RESERVED
+CVE-2017-10952 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-10951 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-10950 (This vulnerability allows local attackers to execute arbitrary code on ...)
+ TODO: check
CVE-2017-10949 (Directory Traversal in Dell Storage Manager 2016 R2.1 causes ...)
NOT-FOR-US: Dell Storage Manager
CVE-2017-10948
@@ -8932,6 +8930,7 @@
CVE-2017-9866
RESERVED
CVE-2017-9865 (The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 ...)
+ {DLA-1074-1}
- poppler 0.57.0-2 (bug #867477)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100774
NOTE: http://somevulnsofadlab.blogspot.com/2017/06/popplerstack-buffer-overflow-in.html
@@ -10541,10 +10540,12 @@
CVE-2017-9777
RESERVED
CVE-2017-9776 (Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in ...)
+ {DLA-1074-1}
- poppler 0.57.0-2 (bug #865679)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101541
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc
CVE-2017-9775 (Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before ...)
+ {DLA-1074-1}
- poppler 0.57.0-2 (bug #865680)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101540
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=8f4ff8243a3d599ff2a6c08b1da389e606ba4fc9
@@ -13141,6 +13142,7 @@
CVE-2017-9025 (Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) ...)
NOT-FOR-US: HooHoo Trip Mate
CVE-2017-9066 (In WordPress before 4.7.5, there is insufficient redirect validation in ...)
+ {DLA-1075-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
@@ -31024,23 +31026,17 @@
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
CVE-2017-3156 (The OAuth2 Hawk and JOSE MAC Validation code in Apache CXF prior to ...)
NOT-FOR-US: Apache CXF
-CVE-2017-3155
- RESERVED
+CVE-2017-3155 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3154
- RESERVED
+CVE-2017-3154 (Error responses from Apache Atlas versions 0.6.0-incubating and ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3153
- RESERVED
+CVE-2017-3153 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3152
- RESERVED
+CVE-2017-3152 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3151
- RESERVED
+CVE-2017-3151 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3150
- RESERVED
+CVE-2017-3150 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use ...)
NOT-FOR-US: Apache Atlas
CVE-2016-9920 (steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before ...)
{DLA-737-1}
@@ -37621,6 +37617,7 @@
RESERVED
CVE-2017-0379 [side-channel attack on Curve25519]
RESERVED
+ {DSA-3959-1}
- libgcrypt20 1.7.9-1 (bug #873383)
[jessie] - libgcrypt20 <not-affected> (Vulnerable code not present, no Curve25519 support)
- libgcrypt11 <not-affected> (Vulnerable code not present, no Curve25519 support)
@@ -40836,8 +40833,7 @@
NOT-FOR-US: Huawei
CVE-2016-8753
REJECTED
-CVE-2016-8752
- RESERVED
+CVE-2016-8752 (Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and ...)
NOT-FOR-US: Apache Atlas
CVE-2016-8751 (Apache Ranger before 0.6.is vulnerable to a Stored Cross-Site ...)
NOT-FOR-US: Apache Ranger
@@ -59661,36 +59657,36 @@
NOT-FOR-US: IBM
CVE-2016-2980
RESERVED
-CVE-2016-2979
- RESERVED
+CVE-2016-2979 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
+ TODO: check
CVE-2016-2978
RESERVED
-CVE-2016-2977
- RESERVED
+CVE-2016-2977 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user ...)
+ TODO: check
CVE-2016-2976
RESERVED
CVE-2016-2975
RESERVED
CVE-2016-2974
RESERVED
-CVE-2016-2973
- RESERVED
-CVE-2016-2972
- RESERVED
-CVE-2016-2971
- RESERVED
+CVE-2016-2973 (IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site ...)
+ TODO: check
+CVE-2016-2972 (IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of ...)
+ TODO: check
+CVE-2016-2971 (IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive ...)
+ TODO: check
CVE-2016-2970 (IBM Sametime 8.5 and 9.0 meetings server may provide detailed ...)
NOT-FOR-US: IBM
-CVE-2016-2969
- RESERVED
+CVE-2016-2969 (IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that ...)
+ TODO: check
CVE-2016-2968 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows ...)
NOT-FOR-US: IBM
CVE-2016-2967
RESERVED
CVE-2016-2966
RESERVED
-CVE-2016-2965
- RESERVED
+CVE-2016-2965 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
+ TODO: check
CVE-2016-2964
RESERVED
CVE-2016-2963 (Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote ...)
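Review bot: the seven IBM Sametime entries published in this hunk (CVE-2016-2979, -2977, -2973, -2972, -2971, -2969 and -2965) all land as TODO: check, while CVE-2016-2970 in the same hunk, also an IBM Sametime issue, is already marked "NOT-FOR-US: IBM". Mark the new entries the same way so they leave the TODO queue; the other Sametime entries added as TODO: check elsewhere in this revision can be handled identically.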
@@ -59701,8 +59697,8 @@
NOT-FOR-US: IBM
CVE-2016-2960 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x ...)
NOT-FOR-US: IBM
-CVE-2016-2959
- RESERVED
+CVE-2016-2959 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room ...)
+ TODO: check
CVE-2016-2958 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
NOT-FOR-US: IBM
CVE-2016-2957 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
@@ -69133,12 +69129,12 @@
RESERVED
CVE-2016-0357 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM
-CVE-2016-0356
- RESERVED
-CVE-2016-0355
- RESERVED
-CVE-2016-0354
- RESERVED
+CVE-2016-0356 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
+ TODO: check
+CVE-2016-0355 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
+ TODO: check
+CVE-2016-0354 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
+ TODO: check
CVE-2016-0353 (IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when ...)
NOT-FOR-US: IBM
CVE-2016-0352
@@ -70440,8 +70436,8 @@
NOT-FOR-US: Huawei FusionCompute
CVE-2015-8335 (Huawei VCN500 with software before V100R002C00SPC201 logs passwords in ...)
NOT-FOR-US: Huawei
-CVE-2015-8334
- RESERVED
+CVE-2015-8334 (SQL injection vulnerability in the Operation and Maintenance Unit ...)
+ TODO: check
CVE-2015-8333 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with ...)
NOT-FOR-US: Huawei
CVE-2015-8332 (Huawei Video Content Management (VCM) before V100R001C10SPC001 does ...)
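Review bot: CVE-2015-8334 is left at TODO: check, but its description begins "SQL injection vulnerability in the Operation and Maintenance Unit" and the following entry, CVE-2015-8333, describes the Operation and Maintenance Unit (OMU) in Huawei VCN500 and is marked "NOT-FOR-US: Huawei". The description is truncated in this list, so confirm the product from the full text and, if it is the same Huawei component, use the same NOT-FOR-US line.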
@@ -70595,8 +70591,8 @@
NOTE: https://bazaar.launchpad.net/~lightdm-team/lightdm/1.16/revision/2207 (1.16.x)
CVE-2015-8300 (Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: ...)
NOT-FOR-US: Polycom BToE Connector
-CVE-2015-8299
- RESERVED
+CVE-2015-8299 (Buffer overflow in the Group messages monitor (Falcon) in KNX ETS ...)
+ TODO: check
CVE-2015-8298
RESERVED
CVE-2015-8297
@@ -73028,8 +73024,8 @@
NOTE: https://github.com/phusion/passenger/commit/ddb8ecc4ebf260e4967f57f271d4f5761abeac3e (5.x)
CVE-2015-7518 (Multiple cross-site scripting (XSS) vulnerabilities in information ...)
- foreman <itp> (bug #663101)
-CVE-2015-7517
- RESERVED
+CVE-2015-7517 (Multiple SQL injection vulnerabilities in the Double Opt-In for ...)
+ TODO: check
CVE-2015-7516 (ONOS before 1.5.0 when using the ifwd app allows remote attackers to ...)
NOT-FOR-US: Onos
CVE-2015-7515 (The aiptek_probe function in drivers/input/tablet/aiptek.c in the ...)
@@ -73680,8 +73676,8 @@
NOT-FOR-US: ZTE modems
CVE-2015-7256
RESERVED
-CVE-2015-7255
- RESERVED
+CVE-2015-7255 (ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, ...)
+ TODO: check
CVE-2015-7254 (Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s ...)
NOT-FOR-US: Huawei
CVE-2015-7253 (The Web Console in Commvault Edge Server 10 R2 allows remote attackers ...)
@@ -74478,8 +74474,8 @@
NOT-FOR-US: JSP/MySQL Administrador Web 1
CVE-2015-6943 (SQL injection vulnerability in the serendipity_checkCommentToken ...)
- serendipity <removed>
-CVE-2015-6942
- RESERVED
+CVE-2015-6942 (Cross-site scripting (XSS) vulnerability in Coremail XT3.0 allows ...)
+ TODO: check
CVE-2015-6941 (win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before ...)
- salt 2015.8.1+ds-1
[jessie] - salt <no-dsa> (Minor issue)
@@ -75522,8 +75518,8 @@
RESERVED
CVE-2015-6589
RESERVED
-CVE-2015-6588
- RESERVED
+CVE-2015-6588 (Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX ...)
+ TODO: check
CVE-2015-6587 (The vlserver in OpenAFS before 1.6.13 allows remote authenticated ...)
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
@@ -79354,8 +79350,8 @@
NOTE: https://pivotal.io/security/cve-2015-5211
CVE-2015-5210 (Open redirect vulnerability in Apache Ambari before 2.1.2 allows ...)
NOT-FOR-US: Apache Ambari
-CVE-2015-5209
- RESERVED
+CVE-2015-5209 (Apache Struts 2.x before 2.3.24.1 allows remote attackers to ...)
+ TODO: check
CVE-2015-5208 (Apache Cordova iOS before 4.0.0 allows remote attackers to execute ...)
NOT-FOR-US: Apache Cordova
CVE-2015-5207 (Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL ...)
@@ -80934,8 +80930,8 @@
RESERVED
CVE-2015-4650
RESERVED
-CVE-2015-4649
- RESERVED
+CVE-2015-4649 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+ TODO: check
CVE-2015-4648 (Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX ...)
NOT-FOR-US: Pansonic Security API
CVE-2015-4647 (Multiple stack-based buffer overflows in Ipropsapi in Panasonic ...)
@@ -83567,16 +83563,16 @@
NOT-FOR-US: Apple WebKit
CVE-2015-3658 (The Page Loading functionality in WebKit in Apple Safari before 6.2.7, ...)
NOT-FOR-US: Apple WebKit
-CVE-2015-3657
- RESERVED
-CVE-2015-3656
- RESERVED
-CVE-2015-3655
- RESERVED
-CVE-2015-3654
- RESERVED
-CVE-2015-3653
- RESERVED
+CVE-2015-3657 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+ TODO: check
+CVE-2015-3656 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+ TODO: check
+CVE-2015-3655 (Cross-site request forgery (CSRF) vulnerability in Aruba Networks ...)
+ TODO: check
+CVE-2015-3654 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+ TODO: check
+CVE-2015-3653 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+ TODO: check
CVE-2015-3652
RESERVED
CVE-2015-3651
@@ -88645,14 +88641,14 @@
NOTE: http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/839
CVE-2014-9686
RESERVED
-CVE-2013-7433
- RESERVED
-CVE-2013-7432
- RESERVED
-CVE-2013-7431
- RESERVED
-CVE-2013-7430 (Cross-site scripting (XSS) vulnerability in the Google Maps plugin ...)
+CVE-2013-7433 (Cross-site scripting (XSS) vulnerability in the Googlemaps plugin ...)
TODO: check
+CVE-2013-7432 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers ...)
+ TODO: check
+CVE-2013-7431 (Full path disclosure in the Googlemaps plugin before 3.1 for Joomla!. ...)
+ TODO: check
+CVE-2013-7430 (Cross-site scripting (XSS) vulnerability in the Googlemaps plugin ...)
+ TODO: check
CVE-2013-7429
RESERVED
CVE-2013-7428
@@ -90911,8 +90907,7 @@
NOTE: https://github.com/hexchat/hexchat/issues/524
NOTE: https://github.com/hexchat/hexchat/commit/c9b63f7f9be01692b03fa15275135a4910a7e02d (v2.12.0)
NOTE: https://github.com/hexchat/hexchat/commit/c99f2ba645d1f4d01d6d2bb0cc1238825e15c604 (v2.10.2)
-CVE-2013-7426 [insecure default fifo path /tmp/kamailio_fifo]
- RESERVED
+CVE-2013-7426 (Insecure Temporary file vulnerability in /tmp/kamailio_fifo in ...)
- kamailio 4.0.2-1 (bug #712083)
CVE-2013-7424 (The getaddrinfo function in glibc before 2.15, when compiled with ...)
{DSA-3169-1 DLA-165-1}
@@ -94359,8 +94354,7 @@
- perl 5.22.0~rc2-1 (unimportant; bug #769606)
CVE-2014-9486
REJECTED
-CVE-2014-9497 [Buffer overflow]
- RESERVED
+CVE-2014-9497 (Buffer overflow in mpg123 before 1.18.0. ...)
{DLA-655-1}
- mpg123 1.18.0-1
[squeeze] - mpg123 <not-affected> (Introduced in 1.14.1)
@@ -127677,9 +127671,11 @@
- samba4 <removed> (low)
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
CVE-2013-4474 (Format string vulnerability in the extractPages function in ...)
+ {DLA-1074-1}
- poppler 0.18.4-9 (low; bug #729064)
[squeeze] - poppler <not-affected> (pdfseparate not yet present)
CVE-2013-4473 (Stack-based buffer overflow in the extractPages function in ...)
+ {DLA-1074-1}
- poppler 0.18.4-9 (low; bug #729064)
[squeeze] - poppler <not-affected> (pdfseparate not yet present)
CVE-2013-4472 (The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 ...)