[Secure-testing-commits] r51144 - data/CVE

Salvatore Bonaccorso Fri, 28 Apr 2017 02:21:18 -0700

Author: carnil
Date: 2017-04-28 09:20:55 +0000 (Fri, 28 Apr 2017)
New Revision: 51144


Modified:
   data/CVE/list
Log:
Add fixed version for ghostscript upload to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-04-28 09:20:45 UTC (rev 51143)
+++ data/CVE/list       2017-04-28 09:20:55 UTC (rev 51144)
@@ -44,7 +44,7 @@
        - libressl <itp> (bug #754513)
        NOTE: http://www.openwall.com/lists/oss-security/2017/04/27/11
 CVE-2017-8291 (Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass 
and ...)
-       - ghostscript <unfixed> (bug #861295)
+       - ghostscript 9.20~dfsg-3.1 (bug #861295)
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate of 
697799)
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697799 (made private)
        NOTE: Full report viewable at: 
https://bugzilla.suse.com/show_bug.cgi?id=1036453
@@ -6603,7 +6603,7 @@
        RESERVED
 CVE-2017-5951 (The mem_get_bits_rectangle function in base/gdevmem.c in 
Artifex ...)
        {DLA-905-1}
-       - ghostscript <unfixed> (bug #859696)
+       - ghostscript 9.20~dfsg-3.1 (bug #859696)
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697548
        NOTE: Fixed by: 
http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
 CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka 
LibYaml-C++) ...)
@@ -6641,12 +6641,12 @@
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697400
 CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in 
Artifex ...)
        {DLA-905-1}
-       - ghostscript <unfixed> (bug #859694)
+       - ghostscript 9.20~dfsg-3.1 (bug #859694)
        NOTE: 
http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697450
 CVE-2016-10219 (The intersect function in base/gxfill.c in Artifex Software, 
Inc. ...)
        {DLA-905-1}
-       - ghostscript <unfixed> (bug #859666)
+       - ghostscript 9.20~dfsg-3.1 (bug #859666)
        NOTE: 
http://www.ghostscript.com/cgi-bin/findgit.cgi?4bef1a1d32e29b68855616020dbff574b9cda08f
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697453
 CVE-2016-10218 (The pdf14_pop_transparency_group function in base/gdevp14.c in 
the PDF ...)
@@ -6655,7 +6655,7 @@
        NOTE: Introduced by: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=47294ff5b168d25bfc7db64f51572d64b8ebde91
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697444
 CVE-2016-10217 (The pdf14_open function in base/gdevp14.c in Artifex Software, 
Inc. ...)
-       - ghostscript <unfixed> (bug #859662)
+       - ghostscript 9.20~dfsg-3.1 (bug #859662)
        [jessie] - ghostscript <not-affected> 
(pdf14_cleanup_parent_color_profiles not yet present)
        [wheezy] - ghostscript <not-affected> 
(pdf14_cleanup_parent_color_profiles not yet present)
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=90fd0c7ca3efc1ddff64a86f4104b13b3ac969eb


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r51144 - data/CVE

Reply via email to