[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-6187/CVE-2018-6544 ignored in Wheezy

Sat, 17 Mar 2018 15:04:45 -0700 

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a6b0ee97 by Hugo Lefeuvre at 2018-03-17T23:00:49+01:00
Mark CVE-2018-6187/CVE-2018-6544 ignored in Wheezy

Mupdf in Wheezy is most likely not affected by these two rather
unimportant issues.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5898,10 +5898,12 @@ CVE-2018-6545 (Ipswitch MoveIt v8.1 is vulnerable to a 
Stored Cross-Site Scripti
        NOT-FOR-US: Ipswitch MoveIt
 CVE-2018-6544 (pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 
could ...)
        - mupdf 1.12.0+ds1-1 (bug #891245)
+       [wheezy] - mupdf <ignored> (Most likely not affected, minor issue)
        NOTE: 
http://git.ghostscript.com/?p=mupdf.git;h=26527eef77b3e51c2258c8e40845bfbc015e405d
        NOTE: 
http://git.ghostscript.com/?p=mupdf.git;h=b03def134988da8c800adac1a38a41a1f09a1d89
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698830
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698965
+       NOTE: https://lists.debian.org/debian-lts/2018/03/msg00043.html
 CVE-2018-6543 (In GNU Binutils 2.30, there's an integer overflow in the 
function ...)
        - binutils 2.30-3
        [stretch] - binutils <ignored> (Minor issue)
@@ -6954,7 +6956,9 @@ CVE-2018-6187 (In Artifex MuPDF 1.12.0, there is a 
heap-based buffer overflow ..
        - mupdf <unfixed> (bug #888464)
        [stretch] - mupdf <no-dsa> (Minor issue)
        [jessie] - mupdf <no-dsa> (Minor issue)
+       [wheezy] - mupdf <ignored> (Most likely not affected, minor issue)
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698908
+       NOTE: https://lists.debian.org/debian-lts/2018/03/msg00041.html
 CVE-2018-6186 (Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF 
attack via ...)
        NOT-FOR-US: Citrix NetScaler VPX
 CVE-2018-6185



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6b0ee9751ed751865cea4e9d0a110fbbc8c2fc2

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6b0ee9751ed751865cea4e9d0a110fbbc8c2fc2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to