[Git][security-tracker-team/security-tracker][master] Add mupdf issues and mark them straight as unimportant

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ce79c94 by Salvatore Bonaccorso at 2023-12-26T22:03:57+01:00
Add mupdf issues and mark them straight as unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,15 +33,30 @@ CVE-2023-5180 (An issue was discovered in Open Design Alliance Drawings SDK befo
 CVE-2023-52086 (resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5  ...)
 	TODO: check
 CVE-2023-51107 (A floating point exception (divide-by-zero) vulnerability was discover ...)
-	TODO: check
+	- mupdf <unfixed> (unimportant)
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md#3-a-floating-point-exception-divide-by-zero-issue-was-discovered-in-mupdf-in-functon-compute_color-of-jquant2c-in-line-533
+	NOTE: Negligible security impact, crash in CLI tool
 CVE-2023-51106 (A floating point exception (divide-by-zero) vulnerability was discover ...)
-	TODO: check
+	- mupdf <unfixed> (unimportant)
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md#4-a-floating-point-exception-divide-by-zero-issue-was-discovered-in-mupdf-in-functon-pnm_binary_read_image-of-load-pnmc-in-line-519
+	NOTE: Negligible security impact, crash in CLI tool
 CVE-2023-51105 (A floating point exception (divide-by-zero) vulnerability was discover ...)
-	TODO: check
+	- mupdf <unfixed> (unimportant)
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md#1-a-floating-point-exception-divide-by-zero-issue-was-discovered-in-mupdf-in-functon-bmp_decompress_rle4-of-load-bmpc-in-line-541
+	NOTE: Negligible security impact, crash in CLI tool
 CVE-2023-51104 (A floating point exception (divide-by-zero) vulnerability was discover ...)
-	TODO: check
+	- mupdf <unfixed> (unimportant)
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md#5-a-floating-point-exception-divide-by-zero-issue-was-discovered-in-mupdf-in-functon-pnm_binary_read_image-of-load-pnmc-in-line-527
+	NOTE: Negligible security impact, crash in CLI tool
 CVE-2023-51103 (A floating point exception (divide-by-zero) vulnerability was discover ...)
-	TODO: check
+	- mupdf <unfixed> (unimportant)
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md
+	NOTE: https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md#2-a-floating-point-exception-divide-by-zero-issue-was-discovered-in-mupdf-in-functon-fz_new_pixmap_from_float_data-of-pixmapc-in-line-1330
+	NOTE: Negligible security impact, crash in CLI tool
 CVE-2023-51102 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow  ...)
 	NOT-FOR-US: Tenda
 CVE-2023-51101 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce79c942ea50559d95e976a6b1d76179016c65a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce79c942ea50559d95e976a6b1d76179016c65a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231226/116e6f7c/attachment.htm>