[Secure-testing-commits] r56315 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Sun Oct 1 09:59:19 UTC 2017
Author: agx
Date: 2017-10-01 09:59:19 +0000 (Sun, 01 Oct 2017)
New Revision: 56315
Modified:
data/CVE/list
Log:
lts: mupdf not affected by CVE-2017-14685
Font lookup is checked in xps_parse_glyphs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-01 09:29:06 UTC (rev 56314)
+++ data/CVE/list 2017-10-01 09:59:19 UTC (rev 56315)
@@ -679,6 +679,7 @@
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1
CVE-2017-14685 (Artifex MuPDF 1.11 allows attackers to cause a denial of service or ...)
- mupdf <unfixed> (bug #877379)
+ [wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698539
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a
CVE-2017-14684 (In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in ...)
More information about the Secure-testing-commits
mailing list