[Git][security-tracker-team/security-tracker][master] 2 commits: Track upstream commit for CVE-2018-18020/qpdf

Sun Apr 12 20:02:13 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e1cc1fb8 by Salvatore Bonaccorso at 2020-04-12T21:01:08+02:00
Track upstream commit for CVE-2018-18020/qpdf

- - - - -
eb5ac528 by Salvatore Bonaccorso at 2020-04-12T21:01:47+02:00
CVE-2018-18020/qpdf fixed in unstable via 9.0.0-1 upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -89351,11 +89351,12 @@ CVE-2018-18022
 CVE-2012-6710 (ext_find_user in eXtplorer through 2.1.2 allows remote attackers to by ...)
 	- extplorer <removed>
 CVE-2018-18020 (In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and ...)
-	- qpdf <unfixed>
+	- qpdf 9.0.0-1
 	[buster] - qpdf <no-dsa> (Minor issue)
 	[stretch] - qpdf <no-dsa> (Minor issue)
 	[jessie] - qpdf <no-dsa> (Minor issue)
 	NOTE: https://github.com/qpdf/qpdf/issues/243
+	NOTE: https://github.com/qpdf/qpdf/commit/cf469d789024cdda41684f1ea48b41829b98c242
 CVE-2018-1000806
 	REJECTED
 CVE-2018-18019 (XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPre ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b77cc828b91f73da1ae61b83b21d564ad2d083ae...eb5ac528a0c10fb86b50c66d54ad9f1fa583763a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b77cc828b91f73da1ae61b83b21d564ad2d083ae...eb5ac528a0c10fb86b50c66d54ad9f1fa583763a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200412/79e690c4/attachment.html>
