[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 4 commits: Add CVE-2017-18186/qpdf

Salvatore Bonaccorso carnil at debian.org
Tue Feb 13 21:34:23 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bf3795af by Salvatore Bonaccorso at 2018-02-13T22:33:00+01:00
Add CVE-2017-18186/qpdf

- - - - -
6c1f7449 by Salvatore Bonaccorso at 2018-02-13T22:33:31+01:00
Add CVE-2017-18185/qpdf

- - - - -
6b1c73f4 by Salvatore Bonaccorso at 2018-02-13T22:33:46+01:00
Add CVE-2017-18184/qpdf

- - - - -
641242a6 by Salvatore Bonaccorso at 2018-02-13T22:34:01+01:00
Add CVE-2017-18183/qpdf

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -65,13 +65,29 @@ CVE-2018-1000065
 CVE-2018-1000064
 	RESERVED
 CVE-2017-18186 (An issue was discovered in QPDF before 7.0.0. There is an infinite loop ...)
-	TODO: check
+	- qpdf 7.0.0-1
+	[stretch] - qpdf <no-dsa> (Minor issue)
+	[jessie] - qpdf <no-dsa> (Minor issue)
+	NOTE: https://github.com/qpdf/qpdf/commit/85f05cc57ffa0a863d9d9b23e73acea9410b2937
+	NOTE: https://github.com/qpdf/qpdf/issues/149
 CVE-2017-18185 (An issue was discovered in QPDF before 7.0.0. There is a large ...)
-	TODO: check
+	- qpdf 7.0.0-1
+	[stretch] - qpdf <no-dsa> (Minor issue)
+	[jessie] - qpdf <no-dsa> (Minor issue)
+	NOTE: https://github.com/qpdf/qpdf/commit/ec7d74a386c0b2f38990079c3b0d2a2b30be0e71
+	NOTE: https://github.com/qpdf/qpdf/issues/150
 CVE-2017-18184 (An issue was discovered in QPDF before 7.0.0. There is a stack-based ...)
-	TODO: check
+	- qpdf 7.0.0-1
+	[stretch] - qpdf <no-dsa> (Minor issue)
+	[jessie] - qpdf <no-dsa> (Minor issue)
+	NOTE: https://github.com/qpdf/qpdf/commit/dea704f0ab7f625e1e7b3f9a1110b45b63157317
+	NOTE: https://github.com/qpdf/qpdf/issues/147
 CVE-2017-18183 (An issue was discovered in QPDF before 7.0.0. There is an infinite loop ...)
-	TODO: check
+	- qpdf 7.0.0-1
+	[stretch] - qpdf <no-dsa> (Minor issue)
+	[jessie] - qpdf <no-dsa> (Minor issue)
+	NOTE: https://github.com/qpdf/qpdf/commit/8249a26d69f72b9cda584c14cc3f12769985e481
+	NOTE: https://github.com/qpdf/qpdf/issues/143
 CVE-2017-18182
 	RESERVED
 CVE-2017-18181



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/d1e83fcb68f9aa692ac9eee84e5cd7dd18e60cd0...641242a62dd1c5f476c0b49758cafdd55fa04ae7

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/d1e83fcb68f9aa692ac9eee84e5cd7dd18e60cd0...641242a62dd1c5f476c0b49758cafdd55fa04ae7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180213/525fd371/attachment.html>

More information about the Secure-testing-commits mailing list