Mattia Rizzolo pushed to branch master at Debian Security Tracker / security-tracker
Commits: efa63eac by Mattia Rizzolo at 2018-09-18T14:01:33Z CVE-2018-5296/libpodofo and CVE-2017-8053/libpodofo closed in experimental Signed-off-by: Mattia Rizzolo <[email protected]> - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -31862,6 +31862,7 @@ CVE-2018-5298 (In the Procter & Gamble "Oral-B App" (aka com.pg.or CVE-2018-5297 RESERVED CVE-2018-5296 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the ...) + [experimental] - libpodofo 0.9.6+dfsg-1 - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) @@ -74217,6 +74218,7 @@ CVE-2017-8054 (The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cp NOTE: ... and re-fixed in: https://sourceforge.net/p/podofo/code/1882 NOTE: and https://sourceforge.net/p/podofo/code/1883 CVE-2017-8053 (PoDoFo 0.9.5 allows denial of service (infinite recursion and stack ...) + [experimental] - libpodofo 0.9.6+dfsg-1 - libpodofo <unfixed> (bug #860994) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/efa63eac1195043ef62eb253e72e3b3ae1936062 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/efa63eac1195043ef62eb253e72e3b3ae1936062 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
