[Secure-testing-commits] r48531 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 29 16:50:31 UTC 2017
Author: carnil
Date: 2017-01-29 16:50:30 +0000 (Sun, 29 Jan 2017)
New Revision: 48531
Modified:
data/CVE/list
Log:
Update status for CVE-2010-1028/calibre, vulnerable code removed in 2.38.0+dfsg-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-29 16:48:50 UTC (rev 48530)
+++ data/CVE/list 2017-01-29 16:50:30 UTC (rev 48531)
@@ -158290,7 +158290,8 @@
CVE-2010-1028 (Integer overflow in the decompression functionality in the Web Open ...)
- xulrunner <not-affected> (vulnerability introduced in firefox 3.6)
- iceape <not-affected> (Vulnerable code not present)
- - calibre <unfixed> (bug #787085)
+ - calibre 2.38.0+dfsg-1 (bug #787085)
+ NOTE: 2.38.0+dfsg-1 removed the copy of woff below src/calibre/utils/fonts/woff/
CVE-2010-XXXX [Escape href attribute in auto links]
- redmine 0.9.3-3
CVE-2010-XXXX [Fixes permission check in QueriesController]
More information about the Secure-testing-commits
mailing list