[Git][security-tracker-team/security-tracker][master] reported xpdf/CVE-2022-24106 to poppler upstream
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Oct 11 21:59:49 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ff8fccb1 by Moritz Muehlenhoff at 2022-10-11T22:59:22+02:00
reported xpdf/CVE-2022-24106 to poppler upstream
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51606,7 +51606,7 @@ CVE-2022-24107 (Xpdf prior to 4.04 lacked an integer overflow check in JPXStream
- xpdf <not-affected> (Debian uses poppler, which is not affected)
CVE-2022-24106 (In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing ...)
- poppler <unfixed>
- TODO: Report upstream, seems to affect current poppler.git
+ NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1297
CVE-2022-24105 (Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) ...)
NOT-FOR-US: Adobe
CVE-2022-24104 (Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff8fccb19bfd17a4f26714817eaf4c8f6056dd3b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff8fccb19bfd17a4f26714817eaf4c8f6056dd3b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221011/60c5ee18/attachment.htm>
More information about the debian-security-tracker-commits
mailing list