[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000051/mupdf
Salvatore Bonaccorso
carnil at debian.org
Sat Feb 10 09:28:16 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
75bb470a by Salvatore Bonaccorso at 2018-02-10T10:27:57+01:00
Add CVE-2018-1000051/mupdf
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -590,7 +590,10 @@ CVE-2018-1000052 (fmtlib version prior to version 4.1.0 (before commit ...)
NOTE: https://github.com/fmtlib/fmt/issues/642
NOTE: https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7
CVE-2018-1000051 (Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability ...)
- TODO: check
+ - mupdf <unfixed>
+ NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698825
+ NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698873
+ NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?321ba1de287016b0036bf4a56ce774ad11763384
CVE-2018-1000050 (Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer ...)
TODO: check
CVE-2018-1000049 (nanopool Claymore Dual Miner version 7.3 and earlier contains a Remote ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/75bb470a7fc8446f9e30fbbc972bd7df7a9a06f6
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/75bb470a7fc8446f9e30fbbc972bd7df7a9a06f6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180210/34c4fa35/attachment.html>
More information about the Secure-testing-commits
mailing list