[Secure-testing-commits] r49376 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Mar 2 20:19:43 UTC 2017
Author: carnil
Date: 2017-03-02 20:19:43 +0000 (Thu, 02 Mar 2017)
New Revision: 49376
Modified:
data/CVE/list
Log:
Add several libpodofo temporary items with bug filled by jmm
They hopefully get CVEs assigned, otherwise we might decide to drop the
items again.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-02 19:05:16 UTC (rev 49375)
+++ data/CVE/list 2017-03-02 20:19:43 UTC (rev 49376)
@@ -1,3 +1,33 @@
+CVE-2017-XXXX [NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcolorgraypdfcolorgray-pdfcolor-cpp
+CVE-2017-XXXX [NULL pointer dereference in PoDoFo::PdfXObject::PdfXObject (PdfXObject.cpp)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfxobjectpdfxobject-pdfxobject-cpp
+CVE-2017-XXXX [NULL pointer dereference in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfvariantdelayedload-pdfvariant-h
+CVE-2017-XXXX [NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp
+CVE-2017-XXXX [NULL pointer dereference in PoDoFo::PdfColor::operator= (PdfColor.cpp)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp
+CVE-2017-XXXX [global buffer overflow in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
+CVE-2017-XXXX [heap-based buffer overflow in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-heap-based-buffer-overflow-in-podofopdfvariantdelayedload-pdfvariant-h
+CVE-2017-XXXX [NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-colorchangergetcolorfromstack-colorchanger-cpp
+CVE-2017-XXXX [NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementtgraphicsstackelement-graphicsstack-h
+CVE-2017-XXXX [invalid memory read in ColorChanger::GetColorFromStack (colorchanger.cpp)]
+ - libpodofo <unfixed> (bug #856592)
+ NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-invalid-memory-read-in-colorchangergetcolorfromstack-colorchanger-cpp
CVE-2017-6426
RESERVED
CVE-2017-6425
More information about the Secure-testing-commits
mailing list