[Git][security-tracker-team/security-tracker][master] Add CVE-2017-18267/poppler
Salvatore Bonaccorso
carnil at debian.org
Thu May 10 19:31:41 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b5c5f158 by Salvatore Bonaccorso at 2018-05-10T20:31:11+02:00
Add CVE-2017-18267/poppler
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -38,6 +38,11 @@ CVE-2018-10947
RESERVED
CVE-2018-10946
RESERVED
+CVE-2017-18267 [FoFiType1C::cvtGlyph: Fix infinite recursion on malformed documents]
+ - poppler <unfixed>
+ NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=104942
+ NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103238
+ NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=60b4fe65bc9dc9b82bbadf0be2e3781be796a13d
CVE-2017-18266 [Argument injection in xdg-open open_envvar]
- xdg-utils <unfixed> (bug #898317)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103807
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b5c5f15849585549f57841df22a956d3b0673f47
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b5c5f15849585549f57841df22a956d3b0673f47
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180510/28bb8ef9/attachment.html>
More information about the debian-security-tracker-commits
mailing list