Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6953ca4e by Mike Gabriel at 2019-04-08T18:17:21Z poppler in jessie: not affected by CVE-2019-10873 - - - - - e8d48c61 by Mike Gabriel at 2019-04-08T18:20:58Z CVE-2019-9631 (poppler): Add note with patch URL. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -106,6 +106,7 @@ CVE-2019-10874 (Cross Site Request Forgery (CSRF) in the bolt/upload File Upload NOT-FOR-US: Bolt CMS CVE-2019-10873 (An issue was discovered in Poppler 0.74.0. There is a NULL pointer der ...) - poppler <unfixed> (bug #926532) + [jessie] - poppler <not-affected> (vulnerable code is not present) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/748 NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/8dbe2e6c480405dab9347075cf4be626f90f1d05 CVE-2019-10872 (An issue was discovered in Poppler 0.74.0. There is a heap-based buffe ...) @@ -3800,6 +3801,7 @@ CVE-2019-9632 (ESAFENET CDG V3 and V5 has an arbitrary file download vulnerabili CVE-2019-9631 (Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBo ...) - poppler <unfixed> NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/736 + NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/8122f6d6d409b53151a20c5578fc525ee97315e8 TODO: check details CVE-2019-9630 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/8dc79a3fbfda82f058d135e60d46749f0e659626...e8d48c614e7cba2217a080d0cf2905e72fb9da14 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/8dc79a3fbfda82f058d135e60d46749f0e659626...e8d48c614e7cba2217a080d0cf2905e72fb9da14 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits