Author: luciano
Date: 2017-11-09 16:41:21 +0000 (Thu, 09 Nov 2017)
New Revision: 57505
Modified:
data/CVE/list
Log:
mupdf issues: pocs not effective in jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-09 16:16:04 UTC (rev 57504)
+++ data/CVE/list 2017-11-09 16:41:21 UTC (rev 57505)
@@ -5453,19 +5453,20 @@
CVE-2017-14687 (Artifex MuPDF 1.11 allows attackers to cause a denial of
service or ...)
{DSA-4006-1 DLA-1164-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
+ [jessie] - mupdf <not-affected> (poc not effective)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698558
NOTE: Fixed by:
http://git.ghostscript.com/?p=mupdf.git;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28
CVE-2017-14686 (Artifex MuPDF 1.11 allows attackers to execute arbitrary code
or cause ...)
{DSA-4006-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
- [jessie] - mupdf <not-affected> (vulnerable code not present)
+ [jessie] - mupdf <not-affected> (vulnerable code not present, poc not
effective)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698540
NOTE: Fixed by:
http://git.ghostscript.com/?p=mupdf.git;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1
CVE-2017-14685 (Artifex MuPDF 1.11 allows attackers to cause a denial of
service or ...)
{DSA-4006-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
- [jessie] - mupdf <not-affected> (vulnerable code not present)
+ [jessie] - mupdf <not-affected> (vulnerable code not present, poc not
effective)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698539
NOTE: Fixed by:
http://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
