Author: hle
Date: 2017-08-10 17:03:32 +0000 (Thu, 10 Aug 2017)
New Revision: 54555

Modified:
   data/CVE/list
Log:
mupdf not affected by CVE-2016-10246, CVE-2016-10247 and CVE-2017-6060 in 
wheezy: Vulnerable code not present (present since 1.4)

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-10 16:54:57 UTC (rev 54554)
+++ data/CVE/list       2017-08-10 17:03:32 UTC (rev 54555)
@@ -16822,11 +16822,13 @@
        NOTE: 
https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
 CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in 
...)
        - mupdf <unfixed> (unimportant)
+       [wheezy] - mupdf <not-affected> (Vulnerable code not present)
        NOTE: Although jstest_main.c compiled during build and mujstest is 
created
        NOTE: it is not included in the produced binary packages
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/19
 CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in 
Mujstest in ...)
        - mupdf <unfixed> (unimportant)
+       [wheezy] - mupdf <not-affected> (Vulnerable code not present)
        NOTE: Although jstest_main.c compiled during build and mujstest is 
created
        NOTE: it is not included in the produced binary packages
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/20
@@ -19026,6 +19028,7 @@
        NOT-FOR-US: SAP
 CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in 
Artifex ...)
        - mupdf <unfixed> (unimportant)
+       [wheezy] - mupdf <not-affected> (Vulnerable code not present)
        NOTE: Although jstest_main.c compiled during build and mujstest is 
created
        NOTE: it is not included in the produced binary packages
        NOTE: http://www.openwall.com/lists/oss-security/2017/02/18/1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to