[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-1010006/atril

Mon Sep 30 20:41:17 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
13594288 by Salvatore Bonaccorso at 2019-09-30T19:39:19Z
Add fixed version for CVE-2019-1010006/atril

The debian/changelog is slightly confusing as it suggests earlier
versions did include the patch to adress the issue. But it seems to have
been really only added after the 1.22.1-1 release in the packaging
repository and then later when rebased to 1.22.2 removed the patch.
1.22.2 is containing the fix and so 1.22.2-1 uploaded to unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21695,7 +21695,7 @@ CVE-2019-1010007
 	RESERVED
 CVE-2019-1010006 (Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Pos ...)
 	{DLA-1882-1 DLA-1881-1}
-	- atril <unfixed>
+	- atril 1.22.2-1
 	- evince 3.27.92-1
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=788980
 	NOTE: https://gitlab.gnome.org/GNOME/evince/commit/e6ed0d4cdb6326e329c8f61f9cc19ff9331cb0ce (3.27.91)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/13594288fcffde30355dba7b9171aa083470c2b2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/13594288fcffde30355dba7b9171aa083470c2b2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190930/9011afca/attachment.html>
