[Secure-testing-commits] r56741 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Oct 16 09:32:22 UTC 2017


Author: carnil
Date: 2017-10-16 09:32:21 +0000 (Mon, 16 Oct 2017)
New Revision: 56741

Modified:
   data/CVE/list
Log:
Update CVE-2017-15369/mupdf

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-16 09:22:28 UTC (rev 56740)
+++ data/CVE/list	2017-10-16 09:32:21 UTC (rev 56741)
@@ -26,10 +26,10 @@
 	- sox <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500554
 CVE-2017-15369 (The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF ...)
-	- mupdf <undetermined>
-	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=c2663e51238ec8256da7fc61ad580db891d9fe9a
+	- mupdf <not-affected> (Vulnerable code introduced later)
+	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=c2663e51238ec8256da7fc61ad580db891d9fe9a
+	NOTE: Introduced by: http://git.ghostscript.com/?p=mupdf.git;h=2707fa9e8e6d17d794330e719dec1b08161fb045
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698592
-	TODO: check, possibly only in unreleased version
 CVE-2017-15368 (The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 ...)
 	TODO: check
 CVE-2017-15367




More information about the Secure-testing-commits mailing list