On Thu, 2017-03-02 at 17:31 +0100, Agostino Sarubbo wrote:
> Please consider the following:
Hi,
I looked on other bunch of the CVEs and here's the result:
CVE-2017-5855 - fixed with revision 1843.
http://sourceforge.net/p/podofo/code/1843
CVE-2017-6840 - fixed with revision 1844+revision 1845. It fixes also
CVE-2017-6842 and CVE-2017-6843.
http://sourceforge.net/p/podofo/code/1844
http://sourceforge.net/p/podofo/code/1845
CVE-2017-6847 - fixed with revision 1846. It fixes also CVE-2017-6848.
http://sourceforge.net/p/podofo/code/1846
CVE-2017-7378 - fixed with revision 1847.
http://sourceforge.net/p/podofo/code/1847
CVE-2017-7380 - fixed with revision 1848. It fixes also CVE-2017-7381,
CVE-2017-7382 and CVE-2017-7383.
http://sourceforge.net/p/podofo/code/1848
CVE-2017-7994 - fixed with revision 1849.
http://sourceforge.net/p/podofo/code/1849
There currently lefts only CVE-2017-8054, as far as I know. I'm
currently unsure how to fix it. Once it will be done it would be good
to retest all the CVEs on some other machine, because it's possible
that my build environment could hid some issues, thus a re-check
against svn trunk by someone being able to reproduce all the issues
would be highly appreciated.
Bye,
zyx
--
http://www.litePDF.cz i...@litepdf.cz
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
