Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
47cfcde8 by Moritz Muehlenhoff at 2019-07-05T11:39:55Z
xpdf n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -67,27 +67,27 @@ CVE-2019-13293
CVE-2019-13292 (A SQL Injection issue was discovered in webERP 4.15.
Payments.php acce ...)
NOT-FOR-US: webERP
CVE-2019-13291 (In Xpdf 4.01.01, there is a heap-based buffer over-read in the
functio ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13290 (Artifex MuPDF 1.15.0 has a heap-based buffer overflow in
fz_append_dis ...)
TODO: check
CVE-2019-13289 (In Xpdf 4.01.01, there is a use-after-free vulnerability in
the functi ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13288 (In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc
may cause ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13287 (In Xpdf 4.01.01, there is an out-of-bounds read vulnerability
in the f ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13286 (In Xpdf 4.01.01, there is a heap-based buffer over-read in the
functio ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13285
RESERVED
CVE-2019-13284
RESERVED
CVE-2019-13283 (In Xpdf 4.01.01, a heap-based buffer over-read could be
triggered in s ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13282 (In Xpdf 4.01.01, a heap-based buffer over-read could be
triggered in S ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13281 (In Xpdf 4.01.01, a heap-based buffer overflow could be
triggered in DC ...)
- TODO: check
+ - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13280
RESERVED
CVE-2019-13279
@@ -193068,7 +193068,7 @@ CVE-2015-1318 (The crash reporting feature in Apport
2.13 through 2.17.x before
CVE-2015-1317 (Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x
before 1. ...)
NOT-FOR-US: Oxide
CVE-2015-1316 (Juju Core's Joyent provider before version 1.25.5 uploads the
user's p ...)
- TODO: check
+ - juju <removed>
CVE-2015-1315 (Buffer overflow in the charset_to_intern function in
unix/unix.c in In ...)
- unzip <not-affected> (*-unzip60-alt-iconv-utf8 patch not applied in
Debian)
CVE-2015-1314 (The USAA Mobile Banking application before 7.10.1 for Android
displays ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/47cfcde830483edfd90852f8138e76e9aadfe001
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/47cfcde830483edfd90852f8138e76e9aadfe001
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
