[Secure-testing-commits] r53985 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 27 11:10:49 UTC 2017
Author: carnil
Date: 2017-07-27 11:10:49 +0000 (Thu, 27 Jul 2017)
New Revision: 53985
Modified:
data/CVE/list
Log:
Update CVE-2017-9618/ghostscript
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-27 11:05:47 UTC (rev 53984)
+++ data/CVE/list 2017-07-27 11:10:49 UTC (rev 53985)
@@ -5485,7 +5485,10 @@
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698042
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c53183d4e7103e87368b7cfa15367a47d559e323
CVE-2017-9618 (The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript ...)
- - ghostscript <unfixed>
+ - ghostscript <unfixed> (unimportant)
+ [jessie] - ghostscript <not-affected> (Vulnerable code not present)
+ [wheezy] - ghostscript <not-affected> (Vulnerable code not present)
+ NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698044
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3c2aebbedd37fab054e80f2e315de07d7e9b5bdb
CVE-2017-9617 (In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion ...)
More information about the Secure-testing-commits
mailing list