[Secure-testing-commits] r48705 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Sat Feb 4 11:06:24 UTC 2017
Author: agx
Date: 2017-02-04 11:06:23 +0000 (Sat, 04 Feb 2017)
New Revision: 48705
Modified:
data/CVE/list
Log:
add libpodofo bug ref
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-04 10:39:18 UTC (rev 48704)
+++ data/CVE/list 2017-02-04 11:06:23 UTC (rev 48705)
@@ -513,24 +513,24 @@
NOT-FOR-US: festivaltts4r
CVE-2015-8981 [Heap overflow in the function ReadXRefSubsection]
RESERVED
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #854118)
NOTE: https://sourceforge.net/p/podofo/mailman/message/34205419/
NOTE: https://sourceforge.net/p/podofo/code/1672
CVE-2017-5855 [NULL pointer dereference in PoDoFo::PdfParser::ReadXRefSubsection]
RESERVED
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #854118)
NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
CVE-2017-5854 [NULL pointer dereference in PdfOutputStream.cpp]
RESERVED
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #854118)
NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-pdfoutputstream-cpp
CVE-2017-5853 [Signed integer overflow in PdfParser.cpp]
RESERVED
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #854118)
NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-signed-integer-overflow-in-pdfparser-cpp
CVE-2017-5852 [Infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject]
RESERVED
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #854118)
NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp
CVE-2017-5849 [Out-of-Bound read and write issues in put1bitbwtile() and putgreytile()]
RESERVED
More information about the Secure-testing-commits
mailing list