[Git][security-tracker-team/security-tracker][master] mupdf - binary from jstest_main.c is not packaged

Neil Williams (@codehelp) Thu, 05 Aug 2021 08:49:24 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
49c364ab by Neil Williams at 2021-08-05T16:47:31+01:00
mupdf - binary from jstest_main.c is not packaged

As with wheezy, the mujstest binary is not included in the binary
packages in Debian.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -268437,12 +268437,14 @@ CVE-2016-10248 (The jpc_tsfb_synthesize function in 
jpc_tsfb.c in JasPer before
 CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in 
Mujstes ...)
        - mupdf 1.11+ds1-1 (unimportant)
        [wheezy] - mupdf <not-affected> (Vulnerable code not present)
+       [stretch] - mupdf <not-affected> (Vulnerable code not present)
        NOTE: Although jstest_main.c compiled during build and mujstest is 
created
        NOTE: it is not included in the produced binary packages
        NOTE: https://www.openwall.com/lists/oss-security/2016/10/16/19
 CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in 
Mujstest in A ...)
        - mupdf 1.11+ds1-1 (unimportant)
        [wheezy] - mupdf <not-affected> (Vulnerable code not present)
+       [stretch] - mupdf <not-affected> (Vulnerable code not present)
        NOTE: Although jstest_main.c compiled during build and mujstest is 
created
        NOTE: it is not included in the produced binary packages
        NOTE: https://www.openwall.com/lists/oss-security/2016/10/16/20
@@ -270690,6 +270692,7 @@ CVE-2017-6061 (Cross-site scripting (XSS) 
vulnerability in the help component of
 CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in 
Artifex So ...)
        - mupdf 1.12.0+ds1-1 (unimportant)
        [wheezy] - mupdf <not-affected> (Vulnerable code not present)
+       [stretch] - mupdf <not-affected> (Vulnerable code not present)
        NOTE: Although jstest_main.c compiled during build and mujstest is 
created
        NOTE: it is not included in the produced binary packages
        NOTE: https://www.openwall.com/lists/oss-security/2017/02/18/1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49c364abb127bf228ac7c9ecf105579bd111e984

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49c364abb127bf228ac7c9ecf105579bd111e984
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] mupdf - binary from jstest_main.c is not packaged

Reply via email to