[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove some no-dsa for issues which will be fixed along with poppler DSA

Moritz Muehlenhoff jmm at debian.org
Sat Dec 30 18:18:36 UTC 2017 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6035089b by Moritz Muehlenhoff at 2017-12-30T19:18:07+01:00
Remove some no-dsa for issues which will be fixed along with poppler DSA

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16543,7 +16543,6 @@ CVE-2017-14978
 CVE-2017-14977 (The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler ...)
 	{DLA-1177-1}
 	- poppler 0.61.1-2 (low; bug #877952)
-	[stretch] - poppler <no-dsa> (Minor issue)
 	[jessie] - poppler <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103045
 	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=19eedc6fb693a62f305e13079501e3105f869f3c
@@ -16555,7 +16554,6 @@ CVE-2017-14976 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Popp
 CVE-2017-14975 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler ...)
 	{DLA-1177-1}
 	- poppler 0.61.1-2 (low; bug #877957)
-	[stretch] - poppler <no-dsa> (Minor issue)
 	[jessie] - poppler <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102653
 	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=a5e5649ecf16fa05770620dbbd4985935dc2bbff
@@ -17618,6 +17616,8 @@ CVE-2017-14618 (Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in p
 CVE-2017-14617 (In Poppler 0.59.0, a floating point exception occurs in the ImageStream ...)
 	{DLA-1116-1}
 	- poppler 0.61.1-2 (bug #876385)
+	[stretch] - poppler <no-dsa> (Minor issue)
+	[jessie] - poppler <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102854
 	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=939465c40902d72e0c05d4f3a27ee67e4a007ed7
 CVE-2015-9232 (The Good for Enterprise application 3.0.0.415 for Android does not use ...)
@@ -17867,7 +17867,6 @@ CVE-2017-14521
 	RESERVED
 CVE-2017-14520 (In Poppler 0.59.0, a floating point exception occurs in ...)
 	- poppler 0.61.1-2 (low; bug #876081)
-	[stretch] - poppler <no-dsa> (Minor issue)
 	[jessie] - poppler <no-dsa> (Minor issue)
 	[wheezy] - poppler <not-affected> (vulnerable code not present)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102719
@@ -17879,7 +17878,6 @@ CVE-2017-14519 (In Poppler 0.59.0, memory corruption occurs in a call to ...)
 	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=aaf5327649e8f7371c9d3270e7813c43ddfd47ee
 CVE-2017-14518 (In Poppler 0.59.0, a floating point exception exists in the ...)
 	- poppler 0.61.1-2 (low; bug #876082)
-	[stretch] - poppler <no-dsa> (Minor issue)
 	[jessie] - poppler <no-dsa> (Minor issue)
 	[wheezy] - poppler <not-affected> (vulnerable code not present)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102688
@@ -17887,7 +17885,6 @@ CVE-2017-14518 (In Poppler 0.59.0, a floating point exception exists in the ...)
 CVE-2017-14517 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the ...)
 	{DLA-1116-1}
 	- poppler 0.61.1-2 (low; bug #876079)
-	[stretch] - poppler <no-dsa> (Minor issue)
 	[jessie] - poppler <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102687
 	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f
@@ -32811,7 +32808,6 @@ CVE-2017-9409 (In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/458
 CVE-2017-9408 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
 	- poppler 0.57.0-2 (low; bug #864009)
-	[stretch] - poppler <no-dsa> (Minor issue)
 	[jessie] - poppler <no-dsa> (Minor issue)
 	[wheezy] - poppler <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100776
@@ -32823,7 +32819,6 @@ CVE-2017-9407 (In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allo
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/459
 CVE-2017-9406 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
 	- poppler 0.57.0-2 (low; bug #864010)
-	[stretch] - poppler <no-dsa> (Minor issue)
 	[jessie] - poppler <no-dsa> (Minor issue)
 	[wheezy] - poppler <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100775



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6035089b0095063ac2edb347939069e0a1289909

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6035089b0095063ac2edb347939069e0a1289909
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20171230/1c9745e7/attachment.html>

More information about the Secure-testing-commits mailing list