[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] poppler DSA
Moritz Muehlenhoff
jmm at debian.org
Thu Jan 25 12:19:56 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ffe1c712 by Moritz Muehlenhoff at 2018-01-25T13:19:45+01:00
poppler DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22776,6 +22776,8 @@ CVE-2017-14930 (Memory leak in decode_line_info in dwarf2.c in the Binary File .
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a26a013f22a19e2c16729e64f40ef8a7dfcc086e
CVE-2017-14929 (In Poppler 0.59.0, memory corruption occurs in a call to ...)
- poppler 0.61.1-2 (bug #877222)
+ [stretch] - poppler 0.48.0-2+deb9u2
+ [jessie] - poppler <ignored> (Minor impact, too intrusive to backport)
[wheezy] - poppler <ignored> (unreproducible, requires API change which appears to be too intrusive in this case.)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102969
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=2c92c7b6a828c9db8a38f079ea7a3d51c12a481d
=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[25 Jan 2018] DSA-4097-1 poppler - security update
+ {CVE-2017-1000456}
+ [jessie] - poppler 0.26.5-2+deb8u3
+ [stretch] - poppler 0.48.0-2+deb9u2
[25 Jan 2018] DSA-4096-1 firefox-esr - security update
{CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117}
[jessie] - firefox-esr 52.6.0esr-1~deb8u1
=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -46,9 +46,6 @@ phpmyadmin/oldstable
--
pjproject
--
-poppler
- For regression introduced in DSA-4079: #886733
---
qemu/oldstable
--
redmine
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ffe1c712a15f7330ce0401ba7959d11b27720957
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ffe1c712a15f7330ce0401ba7959d11b27720957
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180125/c55dd2e5/attachment.html>
More information about the Secure-testing-commits
mailing list