[Secure-testing-commits] r51305 - data/CVE

Mattia Rizzolo Wed, 03 May 2017 03:16:11 -0700

Author: mattia
Date: 2017-05-03 10:15:32 +0000 (Wed, 03 May 2017)
New Revision: 51305


Modified:
   data/CVE/list
Log:
update libpodofo bugs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-03 09:12:17 UTC (rev 51304)
+++ data/CVE/list       2017-05-03 10:15:32 UTC (rev 51305)
@@ -5687,45 +5687,45 @@
 CVE-2017-6427 (A Buffer Overflow was discovered in EvoStream Media Server 
1.7.1. A ...)
        NOT-FOR-US: EvoStream Media Server
 CVE-2017-6849 (The PoDoFo::PdfColorGray::~PdfColorGray function in 
PdfColor.cpp in ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861566)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/10
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcolorgraypdfcolorgray-pdfcolor-cpp
 CVE-2017-6848 (The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp 
in ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861565)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/9
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfxobjectpdfxobject-pdfxobject-cpp
 CVE-2017-6847 (The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in 
PoDoFo ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861564)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/8
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfvariantdelayedload-pdfvariant-h
 CVE-2017-6846 (The 
GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861563)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/7
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementsetnonstrokingcolorspace-graphicsstack-h/
 CVE-2017-6845 (The PoDoFo::PdfColor::operator function in PdfColor.cpp in 
PoDoFo ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861562)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/6
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp
 CVE-2017-6844 (Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection 
function ...)
        {DLA-929-1}
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861561)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/5
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
        NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
 CVE-2017-6843 (Heap-based buffer overflow in the 
PoDoFo::PdfVariant::DelayedLoad ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861560)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/4
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-heap-based-buffer-overflow-in-podofopdfvariantdelayedload-pdfvariant-h
 CVE-2017-6842 (The ColorChanger::GetColorFromStack function in 
colorchanger.cpp in ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861559)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/3
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-colorchangergetcolorfromstack-colorchanger-cpp
 CVE-2017-6841 (The 
GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861558)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/2
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementtgraphicsstackelement-graphicsstack-h
 CVE-2017-6840 (The ColorChanger::GetColorFromStack function in 
colorchanger.cpp in ...)
-       - libpodofo <unfixed> (bug #856592)
+       - libpodofo <unfixed> (bug #861557)
        NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/1
        NOTE: 
https://blogs.gentoo.org/ago/2017/03/02/podofo-invalid-memory-read-in-colorchangergetcolorfromstack-colorchanger-cpp
 CVE-2017-6426


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r51305 - data/CVE

Reply via email to