[Secure-testing-commits] r48717 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Feb 5 10:16:17 UTC 2017
Author: jmm
Date: 2017-02-05 10:16:17 +0000 (Sun, 05 Feb 2017)
New Revision: 48717
Modified:
data/CVE/list
Log:
podofo CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-05 10:15:21 UTC (rev 48716)
+++ data/CVE/list 2017-02-05 10:16:17 UTC (rev 48717)
@@ -1,7 +1,7 @@
CVE-2016-10208 [linux ext4 memory corruption]
- linux <unfixed>
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
-CVE-2017-XXXX [podofo: heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)]
+CVE-2017-5886 [podofo: heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)]
- libpodofo <unfixed>
NOTE: https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469
More information about the Secure-testing-commits
mailing list