Processing commands for cont...@bugs.debian.org: > # none of these CVEs deserves to be RC > severity 854118 important Bug #854118 [libpodofo] Multiple issues in libpodofo Severity set to 'important' from 'serious' > tag 854118 upstream Bug #854118 [libpodofo] Multiple issues in libpodofo Added tag(s) upstream. > # please don't ever *ever* bundle different bugs in a single report > clone 854118 -1 -2 -3 -4 -5 -6 -7 Bug #854118 [libpodofo] Multiple issues in libpodofo Bug 854118 cloned as bugs 854599-854605 > retitle -1 libpodofo: CVE-2015-8981 - Heap overflow in the function > ReadXRefSubsection Bug #854599 [libpodofo] Multiple issues in libpodofo Changed Bug title to 'libpodofo: CVE-2015-8981 - Heap overflow in the function ReadXRefSubsection' from 'Multiple issues in libpodofo'. > retitle -2 libpodofo: CVE-2017-5852 - Infinite loop in > PoDoFo::PdfPage::GetInheritedKeyFromObject Bug #854600 [libpodofo] Multiple issues in libpodofo Changed Bug title to 'libpodofo: CVE-2017-5852 - Infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject' from 'Multiple issues in libpodofo'. > retitle -3 libpodofo: CVE-2017-5853 - Signed integer overflow in PdfParser.cpp Bug #854601 [libpodofo] Multiple issues in libpodofo Changed Bug title to 'libpodofo: CVE-2017-5853 - Signed integer overflow in PdfParser.cpp' from 'Multiple issues in libpodofo'. > retitle -4 libpodofo: CVE-2017-5854 - NULL pointer dereference in > PdfOutputStream.cpp Bug #854602 [libpodofo] Multiple issues in libpodofo Changed Bug title to 'libpodofo: CVE-2017-5854 - NULL pointer dereference in PdfOutputStream.cpp' from 'Multiple issues in libpodofo'. > retitle -5 libpodofo: CVE-2017-5855 - NULL pointer dereference in > PoDoFo::PdfParser::ReadXRefSubsection Bug #854603 [libpodofo] Multiple issues in libpodofo Changed Bug title to 'libpodofo: CVE-2017-5855 - NULL pointer dereference in PoDoFo::PdfParser::ReadXRefSubsection' from 'Multiple issues in libpodofo'. > retitle -6 libpodofo: CVE-2017-5886 - heap-based buffer overflow in > PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp) Bug #854604 [libpodofo] Multiple issues in libpodofo Changed Bug title to 'libpodofo: CVE-2017-5886 - heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)' from 'Multiple issues in libpodofo'. > retitle -7 libpodofo: [no CVE yet] - NULL pointer dereference in > PdfInfo::GuessFormat (pdfinfo.cpp) Bug #854605 [libpodofo] Multiple issues in libpodofo Changed Bug title to 'libpodofo: [no CVE yet] - NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp)' from 'Multiple issues in libpodofo'. > # and close the original - just for the sake of being able to call these > # -1/-2/-3/-4/-5/-6/-7 over bug number... > close 854118 Bug #854118 [libpodofo] Multiple issues in libpodofo Marked Bug as done > # CVE-2015-8981 - Heap overflow in the function ReadXRefSubsection > forwarded -1 https://sourceforge.net/p/podofo/mailman/message/34205419/ Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the function ReadXRefSubsection Changed Bug forwarded-to-address to 'https://sourceforge.net/p/podofo/mailman/message/34205419/' from 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'. > summary -1 upstream fix: https://sourceforge.net/p/podofo/code/1672 Summary recorded from message bug 854599 message > tag -1 fixed-upstream Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the function ReadXRefSubsection Added tag(s) fixed-upstream. > close -1 0.9.4-1 Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the function ReadXRefSubsection There is no source info for the package 'libpodofo' at version '0.9.4-1' with architecture '' Unable to make a source version for version '0.9.4-1' Marked as fixed in versions 0.9.4-1. Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the function ReadXRefSubsection Marked Bug as done > # CVE-2017-5852 - Infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject > forwarded -2 > https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936 Bug #854600 [libpodofo] libpodofo: CVE-2017-5852 - Infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject Changed Bug forwarded-to-address to 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936' from 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'. > outlook -2 > https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp/ Outlook recorded from message bug 854600 message > # CVE-2017-5853 - Signed integer overflow in PdfParser.cpp > forwarded -3 > https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936 Bug #854601 [libpodofo] libpodofo: CVE-2017-5853 - Signed integer overflow in PdfParser.cpp Changed Bug forwarded-to-address to 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936' from 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'. > outlook -3 > https://blogs.gentoo.org/ago/2017/02/01/podofo-signed-integer-overflow-in-pdfparser-cpp/ Outlook recorded from message bug 854601 message > # CVE-2017-5854 - NULL pointer dereference in PdfOutputStream.cpp > forwarded -4 > https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936 Bug #854602 [libpodofo] libpodofo: CVE-2017-5854 - NULL pointer dereference in PdfOutputStream.cpp Changed Bug forwarded-to-address to 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936' from 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'. > outlook -4 > https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-pdfoutputstream-cpp/ Outlook recorded from message bug 854602 message > # CVE-2017-5855 - NULL pointer dereference in > PoDoFo::PdfParser::ReadXRefSubsection > forwarded -5 > https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936 Bug #854603 [libpodofo] libpodofo: CVE-2017-5855 - NULL pointer dereference in PoDoFo::PdfParser::ReadXRefSubsection Changed Bug forwarded-to-address to 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936' from 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'. > outlook -5 > https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-podofopdfparserreadxrefsubsection-pdfparser-cpp/ Outlook recorded from message bug 854603 message > # CVE-2017-5886 - heap-based buffer overflow in > PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp) > forwarded -6 > https://sourceforge.net/p/podofo/mailman/podofo-users/thread/1623824.EtgW9yDooZ%40blackgate/#msg35644693 Bug #854604 [libpodofo] libpodofo: CVE-2017-5886 - heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp) Changed Bug forwarded-to-address to 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/1623824.EtgW9yDooZ%40blackgate/#msg35644693' from 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'. > outlook -6 > https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp/ Outlook recorded from message bug 854604 message > # TEMP - NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp) > forwarded -7 > https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936 Bug #854605 [libpodofo] libpodofo: [no CVE yet] - NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp) Changed Bug forwarded-to-address to 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936' from 'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'. > outlook -7 > https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-pdfinfoguessformat-pdfinfo-cpp/ Outlook recorded from message bug 854605 message > -- Stopping processing here.
Please contact me if you need assistance. -- 854118: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854118 854599: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854599 854600: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854600 854601: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854601 854602: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854602 854603: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854603 854604: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854604 854605: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854605 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
