[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2020-16600 in mupdf for stretch LTS.

Chris Lamb lamby at debian.org
Thu Dec 10 10:44:59 GMT 2020 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
029edb30 by Chris Lamb at 2020-12-10T10:40:38+00:00
Triage CVE-2020-16600 in mupdf for stretch LTS.

- - - - -
539b9658 by Chris Lamb at 2020-12-10T10:44:31+00:00
Triage CVE-2020-29651 in pypy and python-py in stretch LTS; relatively minor issue in SVN blame parsing.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1534,7 +1534,9 @@ CVE-2021-1736
 	RESERVED
 CVE-2020-29651 (A denial of service via regular expression in the py.path.svnwc compon ...)
 	- python-py <unfixed>
+	[stretch] - python-py <postponed> (Minor issue)
 	- pypy <unfixed>
+	[stretch] - pypy <postponed> (Minor issue)
 	- pypy3 <unfixed>
 	NOTE: https://github.com/pytest-dev/py/issues/256
 	NOTE: https://github.com/pytest-dev/py/pull/257
@@ -32718,6 +32720,7 @@ CVE-2020-16601
 	RESERVED
 CVE-2020-16600 (A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF  ...)
 	- mupdf 1.17.0+ds1-1
+	[stretch] - mupdf <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702253
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=96751b25462f83d6e16a9afaf8980b0c3f979c8b
 CVE-2020-16599 (A Null Pointer Dereference vulnerability exists in the Binary File Des ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd67eceaf7d107fce570b42b2f1349578c2717e0...539b9658e02e97df588b5c622fe17565c3a3c325

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd67eceaf7d107fce570b42b2f1349578c2717e0...539b9658e02e97df588b5c622fe17565c3a3c325
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201210/54505b7a/attachment.html>

More information about the debian-security-tracker-commits mailing list