[Secure-testing-commits] r52542 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jun 13 20:51:06 UTC 2017
Author: jmm
Date: 2017-06-13 20:51:06 +0000 (Tue, 13 Jun 2017)
New Revision: 52542
Modified:
data/CVE/list
Log:
calibre no-dsax
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-13 20:44:43 UTC (rev 52541)
+++ data/CVE/list 2017-06-13 20:51:06 UTC (rev 52542)
@@ -11702,7 +11702,8 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/4
CVE-2016-10187 (The E-book viewer in calibre before 2.75 allows remote attackers to ...)
{DLA-859-1}
- - calibre 2.75.1+dfsg-1 (bug #853004)
+ - calibre 2.75.1+dfsg-1 (low; bug #853004)
+ [jessie] - calibre <no-dsa> (Minor issue)
NOTE: Upstream report: https://launchpad.net/bugs/1651728
NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c
NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/8
@@ -170573,6 +170574,7 @@
- xulrunner <not-affected> (vulnerability introduced in firefox 3.6)
- iceape <not-affected> (Vulnerable code not present)
- calibre 2.38.0+dfsg-1 (bug #787085)
+ [jessie] - calibre <no-dsa> (Minor issue)
[wheezy] - calibre <not-affected> (src/calibre/utils/fonts/woff/ not introduced until version 0.9.33)
NOTE: 2.38.0+dfsg-1 removed the copy of woff below src/calibre/utils/fonts/woff/
CVE-2010-XXXX [Escape href attribute in auto links]
More information about the Secure-testing-commits
mailing list