[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2018-1000051 as not-affected for Wheezy

Thorsten Alteholz alteholz at debian.org
Fri Mar 23 14:45:37 UTC 2018 

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
45f58e23 by Thorsten Alteholz at 2018-03-23T15:44:01+01:00
mark CVE-2018-1000051 as not-affected for Wheezy

- - - - -
35e4e072 by Thorsten Alteholz at 2018-03-23T15:44:52+01:00
mark CVE-2018-6192 as no-dsa for Wheezy

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6042,6 +6042,7 @@ CVE-2018-1000052 (fmtlib version prior to version 4.1.0 (before commit ...)
 	NOTE: https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7
 CVE-2018-1000051 (Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability ...)
 	- mupdf 1.12.0+ds1-1 (bug #891245)
+	[wheezy] - mupdf <not-affected> (Vulnerable code not present, introduced in version 1.3)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698825
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698873
 	NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?321ba1de287016b0036bf4a56ce774ad11763384
@@ -7431,6 +7432,7 @@ CVE-2018-6192 (In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in ...)
 	- mupdf <unfixed> (bug #888487)
 	[stretch] - mupdf <no-dsa> (Minor issue)
 	[jessie] - mupdf <no-dsa> (Minor issue)
+	[wheezy] - mupdf <no-dsa> (Minor issue)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698916
 CVE-2018-6191 (The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an ...)
 	NOT-FOR-US: MuJS



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/eb1cf7cce1f1416bb3f1c1e8a2bbc585c7a16016...35e4e0728702ba3af8f8e665827ba337d88a1553

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/eb1cf7cce1f1416bb3f1c1e8a2bbc585c7a16016...35e4e0728702ba3af8f8e665827ba337d88a1553
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180323/c46eef62/attachment.html>

More information about the Secure-testing-commits mailing list