[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-6187/CVE-2018-6544 ignored in Wheezy

Hugo Lefeuvre hle at debian.org
Sat Mar 17 22:03:28 UTC 2018 

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a6b0ee97 by Hugo Lefeuvre at 2018-03-17T23:00:49+01:00
Mark CVE-2018-6187/CVE-2018-6544 ignored in Wheezy

Mupdf in Wheezy is most likely not affected by these two rather
unimportant issues.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5898,10 +5898,12 @@ CVE-2018-6545 (Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripti
 	NOT-FOR-US: Ipswitch MoveIt
 CVE-2018-6544 (pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could ...)
 	- mupdf 1.12.0+ds1-1 (bug #891245)
+	[wheezy] - mupdf <ignored> (Most likely not affected, minor issue)
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=26527eef77b3e51c2258c8e40845bfbc015e405d
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=b03def134988da8c800adac1a38a41a1f09a1d89
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698830
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698965
+	NOTE: https://lists.debian.org/debian-lts/2018/03/msg00043.html
 CVE-2018-6543 (In GNU Binutils 2.30, there's an integer overflow in the function ...)
 	- binutils 2.30-3
 	[stretch] - binutils <ignored> (Minor issue)
@@ -6954,7 +6956,9 @@ CVE-2018-6187 (In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow ..
 	- mupdf <unfixed> (bug #888464)
 	[stretch] - mupdf <no-dsa> (Minor issue)
 	[jessie] - mupdf <no-dsa> (Minor issue)
+	[wheezy] - mupdf <ignored> (Most likely not affected, minor issue)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698908
+	NOTE: https://lists.debian.org/debian-lts/2018/03/msg00041.html
 CVE-2018-6186 (Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via ...)
 	NOT-FOR-US: Citrix NetScaler VPX
 CVE-2018-6185



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6b0ee9751ed751865cea4e9d0a110fbbc8c2fc2

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6b0ee9751ed751865cea4e9d0a110fbbc8c2fc2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180317/4416b8b2/attachment.html>

More information about the Secure-testing-commits mailing list