[Secure-testing-commits] r56282 - data
Guido Guenther
agx at moszumanska.debian.org
Sat Sep 30 12:33:32 UTC 2017
Author: agx
Date: 2017-09-30 12:33:32 +0000 (Sat, 30 Sep 2017)
New Revision: 56282
Modified:
data/dla-needed.txt
Log:
lts: triage poppler
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-09-30 11:56:54 UTC (rev 56281)
+++ data/dla-needed.txt 2017-09-30 12:33:32 UTC (rev 56282)
@@ -102,6 +102,11 @@
NOTE: CVE-2015-7700: the problematic call to png_free_data() is present
NOTE: in wheezy but it's not clear to me where the other call to free() is.
--
+poppler
+ NOTE: not fixed in sid yet so did not ping maintainer
+ NOTE: drawForm is doForm1 in wheezy
+ NOTE: exploit does not loop but code looks affected
+--
qemu (Guido Günther)
NOTE: 20170831: at first glance nothing critical, can wait for further issues
--
More information about the Secure-testing-commits
mailing list