Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3cb3ebbb by Salvatore Bonaccorso at 2019-08-11T06:51:10Z
Add fixed version for CVE-2018-15889/libpodofo
It is confirmed in upstream issue tracker that the fix is the same, and
likely it is a duplicate on it's own. It is not yet confirmed by MITRE
if they treat those as distinct issue, so adding just the fixed version
for now.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51067,8 +51067,7 @@ CVE-2018-15891 (An issue was discovered in FreePBX core
before 3.0.122.43, 14.0.
CVE-2018-15890 (An issue was discovered in EthereumJ 1.8.2. There is Unsafe
Deserializ ...)
NOT-FOR-US: EthereumJ
CVE-2018-15889 (In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects()
in base ...)
- - libpodofo <unfixed> (low; bug #916167)
- [buster] - libpodofo <no-dsa> (Minor issue)
+ - libpodofo 0.9.6+dfsg-4 (low; bug #916167)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: (possible, but not yet confirmed) duplicate of CVE-2018-5783
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cb3ebbbcfcf5ec0368c1fd703218e9eef648452
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cb3ebbbcfcf5ec0368c1fd703218e9eef648452
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
