[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note for abiword explaining problem with --with-gnomevfs
Salvatore Bonaccorso
carnil at debian.org
Mon Mar 12 16:11:42 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6de3b0d3 by Salvatore Bonaccorso at 2018-03-12T17:11:10+01:00
Add note for abiword explaining problem with --with-gnomevfs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17840,7 +17840,9 @@ CVE-2017-17529 (af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate s
[wheezy] - abiword <no-dsa> (Minor issue)
NOTE: https://sources.debian.org/src/abiword/3.0.2-5/src/af/util/xp/ut_go_file.cpp/#L1717
NOTE: Issue can be mitigated by compiling abiword in future with --with-gnomevfs so that
- NOTE: abiword does not use the problematic fallback_open_uri.
+ NOTE: abiword does not use the problematic fallback_open_uri. This though only works for
+ NOTE: GTK+-2. Abiword in Debian is compiled against GTK+3+
+ NOTE: See explanation in https://bugs.debian.org/884923#15
CVE-2017-17528 (backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not ...)
- scummvm <unfixed> (unimportant)
[wheezy] - scummvm <not-affected> (Vulnerable code not there)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6de3b0d3b1564e2e0b1a21057bf6c20b3e87cf58
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6de3b0d3b1564e2e0b1a21057bf6c20b3e87cf58
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180312/3af84cc1/attachment.html>
More information about the Secure-testing-commits
mailing list