[Secure-testing-commits] r55342 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 31 22:00:33 UTC 2017
Author: jmm
Date: 2017-08-31 22:00:31 +0000 (Thu, 31 Aug 2017)
New Revision: 55342
Modified:
data/CVE/list
Log:
mpg123 no-dsa
qpdf no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-31 21:16:53 UTC (rev 55341)
+++ data/CVE/list 2017-08-31 22:00:31 UTC (rev 55342)
@@ -3506,6 +3506,8 @@
NOT-FOR-US: NexusPHP
CVE-2017-12797 (Integer overflow in the INT123_parse_new_id3 function in the ID3 ...)
- mpg123 1.25.6-1
+ [stretch] - mpg123 <no-dsa> (Minor issue)
+ [jessie] - mpg123 <no-dsa> (Minor issue)
[wheezy] - mpg123 <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/mpg123/bugs/254/
NOTE: https://sourceforge.net/p/mpg123/mailman/message/35987663/
@@ -4039,6 +4041,8 @@
NOTE: https://github.com/openexr/openexr/issues/238
CVE-2017-12595 (The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and ...)
- qpdf <unfixed>
+ [stretch] - qpdf <no-dsa> (Minor issue)
+ [jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <ignored> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/issues/146
NOTE: Fixed by: https://github.com/qpdf/qpdf/commit/ad527a64f93dca12f6aabab2ca99ae5eb352ab4b
More information about the Secure-testing-commits
mailing list