Author: jmm
Date: 2017-02-05 10:16:17 +0000 (Sun, 05 Feb 2017)
New Revision: 48717
Modified:
data/CVE/list
Log:
podofo CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-05 10:15:21 UTC (rev 48716)
+++ data/CVE/list 2017-02-05 10:16:17 UTC (rev 48717)
@@ -1,7 +1,7 @@
CVE-2016-10208 [linux ext4 memory corruption]
- linux <unfixed>
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
-CVE-2017-XXXX [podofo: heap-based buffer overflow in
PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)]
+CVE-2017-5886 [podofo: heap-based buffer overflow in
PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)]
- libpodofo <unfixed>
NOTE:
https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp
NOTE:
https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
