[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: podofo no-dsa
Moritz Muehlenhoff
jmm at debian.org
Sun Jan 28 16:25:44 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7c897c89 by Moritz Muehlenhoff at 2018-01-28T17:18:16+01:00
podofo no-dsa
- - - - -
c9218c53 by Moritz Muehlenhoff at 2018-01-28T17:25:30+01:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1423,6 +1423,8 @@ CVE-2018-5784 (In LibTIFF 4.0.9, there is an uncontrolled resource consumption i
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2772
CVE-2018-5783 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the ...)
- libpodofo <unfixed>
+ [stretch] - libpodofo <no-dsa> (Minor issue)
+ [jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1536179
CVE-2018-5782
RESERVED
@@ -2625,10 +2627,14 @@ CVE-2018-5311 (The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS v
CVE-2018-5310 (In the "Media from FTP" plugin before 9.85 for WordPress, Directory ...)
NOT-FOR-US: "Media from FTP" plugin for WordPress
CVE-2018-5309 (In PoDoFo 0.9.5, there is an integer overflow in the ...)
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (low)
+ [stretch] - libpodofo <no-dsa> (Minor issue)
+ [jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532381
CVE-2018-5308 (PoDoFo 0.9.5 does not properly validate memcpy arguments in the ...)
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (low)
+ [stretch] - libpodofo <no-dsa> (Minor issue)
+ [jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532390
CVE-2018-5307
RESERVED
@@ -2665,10 +2671,14 @@ CVE-2018-5298 (In the Procter & Gamble "Oral-B App" (aka com.pg.or
CVE-2018-5297
RESERVED
CVE-2018-5296 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the ...)
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (low)
+ [stretch] - libpodofo <no-dsa> (Minor issue)
+ [jessie] - libpodofo <no-dsa> (Minor issue)
TODO: check, possibly not reported upstream only in Red Hat Bugzilla
CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer overflow in the ...)
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (low)
+ [stretch] - libpodofo <no-dsa> (Minor issue)
+ [jessie] - libpodofo <no-dsa> (Minor issue)
TODO: check, possibly not reported upstream only in Red Hat Bugzilla
CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an ...)
- ming <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/1a49d15a1f85cace8cf7ea567a2a43c080a90c2c...c9218c5303cbd04f6a62e50c4fa817f4dc7474f0
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/1a49d15a1f85cace8cf7ea567a2a43c080a90c2c...c9218c5303cbd04f6a62e50c4fa817f4dc7474f0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180128/690b7e50/attachment.html>
More information about the Secure-testing-commits
mailing list