[Secure-testing-commits] r51728 - data/CVE
Mattia Rizzolo
mattia at moszumanska.debian.org
Thu May 18 20:43:58 UTC 2017
Author: mattia
Date: 2017-05-18 20:43:58 +0000 (Thu, 18 May 2017)
New Revision: 51728
Modified:
data/CVE/list
Log:
get rid of this podofo issue, Mitre decided it's not CVE-worthy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-18 20:31:13 UTC (rev 51727)
+++ data/CVE/list 2017-05-18 20:43:58 UTC (rev 51728)
@@ -9560,13 +9560,6 @@
NOT-FOR-US: espeak-ruby Ruby gem
CVE-2016-10194 (The festivaltts4r gem for Ruby allows remote attackers to execute ...)
NOT-FOR-US: festivaltts4r
-CVE-2017-XXXX [podofo: NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp)]
- - libpodofo <unfixed> (bug #854605)
- [jessie] - libpodofo <no-dsa> (Minor issue)
- [wheezy] - libpodofo <no-dsa> (Minor issue)
- NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-pdfinfoguessformat-pdfinfo-cpp/
- NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/02/02/21
CVE-2015-8981 (Heap-based buffer overflow in the PdfParser::ReadXRefSubsection ...)
{DLA-929-1}
- libpodofo 0.9.4-1 (bug #854599)
More information about the Secure-testing-commits
mailing list