[Secure-testing-commits] r56256 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 29 19:32:45 UTC 2017
Author: carnil
Date: 2017-09-29 19:32:45 +0000 (Fri, 29 Sep 2017)
New Revision: 56256
Modified:
data/CVE/list
Log:
Add CVE-2017-14926
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-29 19:29:00 UTC (rev 56255)
+++ data/CVE/list 2017-09-29 19:32:45 UTC (rev 56256)
@@ -43,7 +43,9 @@
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102604
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=6472d8493f7e82cc78b41da20a2bf19fcb4e0a7d
CVE-2017-14926 (In Poppler 0.59.0, a NULL Pointer Dereference exists in ...)
- TODO: check
+ - poppler <unfixed>
+ NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102601
+ NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=2532df6060092e9fab7f041ae9598aff9cdd94bb
CVE-2017-14925 (Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki ...)
NOT-FOR-US: Tiki
CVE-2017-14924 (Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki ...)
More information about the Secure-testing-commits
mailing list