[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] poppler DSA

Thu, 25 Jan 2018 04:21:52 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ffe1c712 by Moritz Muehlenhoff at 2018-01-25T13:19:45+01:00
poppler DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22776,6 +22776,8 @@ CVE-2017-14930 (Memory leak in decode_line_info in 
dwarf2.c in the Binary File .
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a26a013f22a19e2c16729e64f40ef8a7dfcc086e
 CVE-2017-14929 (In Poppler 0.59.0, memory corruption occurs in a call to ...)
        - poppler 0.61.1-2 (bug #877222)
+       [stretch] - poppler 0.48.0-2+deb9u2
+       [jessie] - poppler <ignored> (Minor impact, too intrusive to backport)
        [wheezy] - poppler <ignored> (unreproducible, requires API change which 
appears to be too intrusive in this case.)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102969
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=2c92c7b6a828c9db8a38f079ea7a3d51c12a481d


=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[25 Jan 2018] DSA-4097-1 poppler - security update
+       {CVE-2017-1000456}
+       [jessie] - poppler 0.26.5-2+deb8u3
+       [stretch] - poppler 0.48.0-2+deb9u2
 [25 Jan 2018] DSA-4096-1 firefox-esr - security update
        {CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 
CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 
CVE-2018-5117}
        [jessie] - firefox-esr 52.6.0esr-1~deb8u1


=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -46,9 +46,6 @@ phpmyadmin/oldstable
 --
 pjproject
 --
-poppler
-  For regression introduced in DSA-4079: #886733
---
 qemu/oldstable
 --
 redmine



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ffe1c712a15f7330ce0401ba7959d11b27720957

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ffe1c712a15f7330ce0401ba7959d11b27720957
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to