Author: jmm
Date: 2017-07-26 09:45:34 +0000 (Wed, 26 Jul 2017)
New Revision: 53947
Modified:
data/CVE/list
Log:
new qpdf issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-26 09:22:19 UTC (rev 53946)
+++ data/CVE/list 2017-07-26 09:45:34 UTC (rev 53947)
@@ -25,7 +25,7 @@
CVE-2017-11652
RESERVED
CVE-2017-11651 (NexusPHP V1.5 has XSS via a javascript: or data: URL in a
UBBCode url ...)
- TODO: check
+ NOT-FOR-US: NexusPHP
CVE-2017-11650
RESERVED
CVE-2017-11649
@@ -86,13 +86,25 @@
NOTE: https://bugs.php.net/bug.php?id=74603
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
CVE-2017-11627 (A stack-consumption vulnerability was found in libqpdf in QPDF
6.0.0, ...)
- TODO: check
+ - qpdf <unfixed> (low)
+ [stretch] - qpdf <no-dsa> (Minor issue)
+ [jessie] - qpdf <no-dsa> (Minor issue)
+ NOTE: https://github.com/qpdf/qpdf/issues/118
CVE-2017-11626 (A stack-consumption vulnerability was found in libqpdf in QPDF
6.0.0, ...)
- TODO: check
+ - qpdf <unfixed> (low)
+ [stretch] - qpdf <no-dsa> (Minor issue)
+ [jessie] - qpdf <no-dsa> (Minor issue)
+ NOTE: https://github.com/qpdf/qpdf/issues/119
CVE-2017-11625 (A stack-consumption vulnerability was found in libqpdf in QPDF
6.0.0, ...)
- TODO: check
+ - qpdf <unfixed> (low)
+ [stretch] - qpdf <no-dsa> (Minor issue)
+ [jessie] - qpdf <no-dsa> (Minor issue)
+ NOTE: https://github.com/qpdf/qpdf/issues/120
CVE-2017-11624 (A stack-consumption vulnerability was found in libqpdf in QPDF
6.0.0, ...)
- TODO: check
+ - qpdf <unfixed> (low)
+ [stretch] - qpdf <no-dsa> (Minor issue)
+ [jessie] - qpdf <no-dsa> (Minor issue)
+ NOTE: https://github.com/qpdf/qpdf/issues/117
CVE-2017-11623
RESERVED
CVE-2017-11622
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
