[Git][security-tracker-team/security-tracker][master] xpdf n/a

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
47cfcde8 by Moritz Muehlenhoff at 2019-07-05T11:39:55Z
xpdf n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67,27 +67,27 @@ CVE-2019-13293
 CVE-2019-13292 (A SQL Injection issue was discovered in webERP 4.15. Payments.php acce ...)
 	NOT-FOR-US: webERP
 CVE-2019-13291 (In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13290 (Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_dis ...)
 	TODO: check
 CVE-2019-13289 (In Xpdf 4.01.01, there is a use-after-free vulnerability in the functi ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13288 (In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause  ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13287 (In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the f ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13286 (In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13285
 	RESERVED
 CVE-2019-13284
 	RESERVED
 CVE-2019-13283 (In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in s ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13282 (In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in S ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13281 (In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DC ...)
-	TODO: check
+	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 CVE-2019-13280
 	RESERVED
 CVE-2019-13279
@@ -193068,7 +193068,7 @@ CVE-2015-1318 (The crash reporting feature in Apport 2.13 through 2.17.x before
 CVE-2015-1317 (Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1. ...)
 	NOT-FOR-US: Oxide
 CVE-2015-1316 (Juju Core's Joyent provider before version 1.25.5 uploads the user's p ...)
-	TODO: check
+	- juju <removed>
 CVE-2015-1315 (Buffer overflow in the charset_to_intern function in unix/unix.c in In ...)
 	- unzip <not-affected> (*-unzip60-alt-iconv-utf8 patch not applied in Debian)
 CVE-2015-1314 (The USAA Mobile Banking application before 7.10.1 for Android displays ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/47cfcde830483edfd90852f8138e76e9aadfe001

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/47cfcde830483edfd90852f8138e76e9aadfe001
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190705/ebd86e60/attachment.html>