[Git][security-tracker-team/security-tracker][master] Update information for three libpodofo issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun May 14 21:20:00 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
35925ae1 by Salvatore Bonaccorso at 2023-05-14T22:18:32+02:00
Update information for three libpodofo issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -228,10 +228,10 @@ CVE-2023-31906 (Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a he
[bullseye] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5066
CVE-2023-31568 (Podofo v0.10.0 was discovered to contain a heap buffer overflow via th ...)
- - libpodofo <unfixed> (bug #1035935)
- [bullseye] - libpodofo <no-dsa> (Minor issue)
+ - libpodofo <not-affected> (Vulnerable code not present)
NOTE: https://github.com/podofo/podofo/issues/72
NOTE: Fixed by: https://github.com/podofo/podofo/commit/29d59f604b37159e938a2f46acd4856cfd1e7bac
+ NOTE: Introduced by: https://github.com/podofo/podofo/commit/a2eca000e5a4337fb79ee8215d06413785653184
CVE-2023-31567 (Podofo v0.10.0 was discovered to contain a heap buffer overflow via th ...)
- libpodofo <unfixed>
[bookworm] - libpodofo <no-dsa> (Minor issue)
@@ -245,15 +245,16 @@ CVE-2023-31566 (Podofo v0.10.0 was discovered to contain a heap-use-after-free v
CVE-2023-31557 (xpdf pdfimages v4.04 was discovered to contain a stack overflow in the ...)
TODO: check
CVE-2023-31556 (podofoinfo 0.10.0 was discovered to contain a segmentation violation v ...)
- - libpodofo <unfixed> (bug #1035935)
- [bullseye] - libpodofo <no-dsa> (Minor issue)
+ - libpodofo <not-affected> (Vulnerable code not present)
NOTE: https://github.com/podofo/podofo/issues/66
- NOTE: https://github.com/podofo/podofo/commit/8d3e9104ea10f8b53a0b5a2a806e6388acd41a40
+ NOTE: Fixed by: https://github.com/podofo/podofo/commit/8d3e9104ea10f8b53a0b5a2a806e6388acd41a40
+ NOTE: Introduced by: https://github.com/podofo/podofo/commit/a2eca000e5a4337fb79ee8215d06413785653184
CVE-2023-31555 (podofoinfo 0.10.0 was discovered to contain a segmentation violation v ...)
- - libpodofo <unfixed> (bug #1035935)
+ - libpodofo <not-affected> (Vulnerable code not present)
[bullseye] - libpodofo <no-dsa> (Minor issue)
NOTE: https://github.com/podofo/podofo/issues/67
- NOTE: https://github.com/podofo/podofo/commit/3759eb6aae7c01f2d8670f16ac46f5e116c7f468
+ NOTE: Fixed by: https://github.com/podofo/podofo/commit/3759eb6aae7c01f2d8670f16ac46f5e116c7f468
+ NOTE: Introduced by: https://github.com/podofo/podofo/commit/a2eca000e5a4337fb79ee8215d06413785653184
CVE-2023-31554 (xpdf pdfimages v4.04 was discovered to contain a stack overflow in the ...)
TODO: check
CVE-2023-31471 (An issue was discovered on GL.iNet devices before 3.216. Through the s ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35925ae1ecb64f1cae0d3f456f0453532cfc6eaa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35925ae1ecb64f1cae0d3f456f0453532cfc6eaa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230514/1ce13cba/attachment.htm>
More information about the debian-security-tracker-commits
mailing list