[Git][security-tracker-team/security-tracker][master] Three libpodofo issues fixed with upload to unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 7 09:07:35 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ebe68933 by Salvatore Bonaccorso at 2022-05-07T10:06:49+02:00
Three libpodofo issues fixed with upload to unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -167561,7 +167561,7 @@ CVE-2019-20094 (An issue was discovered in libsixel 1.8.4. There is a heap-based
 	NOTE: https://github.com/saitoha/libsixel/commit/a18b3789cfd147028403c17fe79a43b169d8f034
 CVE-2019-20093 (The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ...)
 	[experimental] - libpodofo 0.9.8+dfsg-1
-	- libpodofo <unfixed> (bug #977302)
+	- libpodofo 0.9.8+dfsg-2 (bug #977302)
 	[bullseye] - libpodofo <ignored> (Minor issue)
 	[buster] - libpodofo <ignored> (Minor issue)
 	[stretch] - libpodofo <no-dsa> (Minor issue)
@@ -204499,7 +204499,7 @@ CVE-2019-10724 (There is a vulnerability with the Dolby DAX2 API system services
 	NOT-FOR-US: Dolby
 CVE-2019-10723 (An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class i ...)
 	[experimental] - libpodofo 0.9.8+dfsg-1
-	- libpodofo <unfixed> (low; bug #926667)
+	- libpodofo 0.9.8+dfsg-2 (low; bug #926667)
 	[bullseye] - libpodofo <ignored> (Minor issue)
 	[buster] - libpodofo <ignored> (Minor issue)
 	[stretch] - libpodofo <no-dsa> (Minor issue)
@@ -252114,7 +252114,7 @@ CVE-2018-12984 (Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" cred
 	NOT-FOR-US: Hycus CMS
 CVE-2018-12983 (A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryp ...)
 	[experimental] - libpodofo 0.9.8+dfsg-1
-	- libpodofo <unfixed> (low; bug #916580)
+	- libpodofo 0.9.8+dfsg-2 (low; bug #916580)
 	[bullseye] - libpodofo <no-dsa> (Minor issue)
 	[buster] - libpodofo <no-dsa> (Minor issue)
 	[stretch] - libpodofo <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebe6893396ae10d9688a2bbba21dad1279bb3e92

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebe6893396ae10d9688a2bbba21dad1279bb3e92
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220507/d50b6596/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list