[Git][security-tracker-team/security-tracker][master] mark two libpodofo CVEs as fixed
Mattia Rizzolo
mattia at debian.org
Sun Apr 21 16:23:27 BST 2019
Mattia Rizzolo pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b211b4a1 by Mattia Rizzolo at 2019-04-21T15:22:59Z
mark two libpodofo CVEs as fixed
Signed-off-by: Mattia Rizzolo <mattia at debian.org>
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4771,7 +4771,7 @@ CVE-2019-9689
CVE-2019-9688 (sftnow through 2018-12-29 allows index.php?g=Admin&m=User&a=ad ...)
NOT-FOR-US: sftnow
CVE-2019-9687 (PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF ...)
- - libpodofo <unfixed> (bug #924430)
+ - libpodofo 0.9.6+dfsg-5 (bug #924430)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/code/1969
@@ -5972,7 +5972,7 @@ CVE-2019-9200 (A heap-based buffer underwrite exists in ImageStream::getLine() l
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/728
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/f4136a6353162db249f63ddb0f20611622ab61b4
CVE-2019-9199 (PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoD ...)
- - libpodofo <unfixed> (low; bug #923469)
+ - libpodofo 0.9.6+dfsg-5 (low; bug #923469)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/40/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b211b4a116b51fc3b821c0cf575067f2a3414ca7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b211b4a116b51fc3b821c0cf575067f2a3414ca7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190421/b7728b8e/attachment.html>
More information about the debian-security-tracker-commits
mailing list