[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove some no-dsa entries which will be fixed along in next DSA

Wed, 03 Jan 2018 11:10:34 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
da0413c9 by Moritz Muehlenhoff at 2018-01-03T20:06:25+01:00
Remove some no-dsa entries which will be fixed along in next DSA

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -18832,7 +18832,6 @@ CVE-2017-14978
 CVE-2017-14977 (The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in 
Poppler ...)
        {DLA-1177-1}
        - poppler 0.61.1-2 (low; bug #877952)
-       [jessie] - poppler <no-dsa> (Minor issue)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103045
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=19eedc6fb693a62f305e13079501e3105f869f3c
 CVE-2017-14976 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in 
Poppler ...)
@@ -18843,7 +18842,6 @@ CVE-2017-14976 (The FoFiType1C::convertToType0 function 
in FoFiType1C.cc in Popp
 CVE-2017-14975 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in 
Poppler ...)
        {DLA-1177-1}
        - poppler 0.61.1-2 (low; bug #877957)
-       [jessie] - poppler <no-dsa> (Minor issue)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102653
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=a5e5649ecf16fa05770620dbbd4985935dc2bbff
 CVE-2017-14974 (The *_get_synthetic_symtab functions in the Binary File 
Descriptor ...)
@@ -19905,8 +19903,8 @@ CVE-2017-14618 (Cross-site scripting (XSS) 
vulnerability in inc/PMF/Faq.php in p
 CVE-2017-14617 (In Poppler 0.59.0, a floating point exception occurs in the 
ImageStream ...)
        {DLA-1116-1}
        - poppler 0.61.1-2 (bug #876385)
-       [stretch] - poppler <no-dsa> (Minor issue)
-       [jessie] - poppler <no-dsa> (Minor issue)
+       [stretch] - poppler <ignored> (Minor issue)
+       [jessie] - poppler <ignored> (Minor issue)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102854
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=939465c40902d72e0c05d4f3a27ee67e4a007ed7
        NOTE: The patch applied in 0.48.0-2+deb9u1 (stretch) and 
0.26.5-2+deb8u2 (jessie)
@@ -20159,7 +20157,6 @@ CVE-2017-14521
        RESERVED
 CVE-2017-14520 (In Poppler 0.59.0, a floating point exception occurs in ...)
        - poppler 0.61.1-2 (low; bug #876081)
-       [jessie] - poppler <no-dsa> (Minor issue)
        [wheezy] - poppler <not-affected> (vulnerable code not present)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102719
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=504b3590182175390f474657a372e78fb1508262
@@ -20170,14 +20167,12 @@ CVE-2017-14519 (In Poppler 0.59.0, memory corruption 
occurs in a call to ...)
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=aaf5327649e8f7371c9d3270e7813c43ddfd47ee
 CVE-2017-14518 (In Poppler 0.59.0, a floating point exception exists in the 
...)
        - poppler 0.61.1-2 (low; bug #876082)
-       [jessie] - poppler <no-dsa> (Minor issue)
        [wheezy] - poppler <not-affected> (vulnerable code not present)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102688
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=80f9819b6233f9f9b5fd44f0e4cad026e5d048c2
 CVE-2017-14517 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the 
...)
        {DLA-1116-1}
        - poppler 0.61.1-2 (low; bug #876079)
-       [jessie] - poppler <no-dsa> (Minor issue)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102687
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f
 CVE-2017-14516 (Cross-Site Scripting (XSS) exists in SAP Business Objects 
Financial ...)
@@ -35112,7 +35107,6 @@ CVE-2017-9409 (In ImageMagick 7.0.5-5, the ReadMPCImage 
function in mpc.c allows
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/458
 CVE-2017-9408 (In Poppler 0.54.0, a memory leak vulnerability was found in the 
...)
        - poppler 0.57.0-2 (low; bug #864009)
-       [jessie] - poppler <no-dsa> (Minor issue)
        [wheezy] - poppler <not-affected> (Vulnerable code not present)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100776
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=b21b041f7948680c03109f0c404400a9dbc4544c
@@ -35123,7 +35117,6 @@ CVE-2017-9407 (In ImageMagick 7.0.5-5, the 
ReadPALMImage function in palm.c allo
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/459
 CVE-2017-9406 (In Poppler 0.54.0, a memory leak vulnerability was found in the 
...)
        - poppler 0.57.0-2 (low; bug #864010)
-       [jessie] - poppler <no-dsa> (Minor issue)
        [wheezy] - poppler <not-affected> (Vulnerable code not present)
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100775
        NOTE: 
https://cgit.freedesktop.org/poppler/poppler/commit/?id=278439531b13b0b047dbe3a75aa3f1b3407c8bd4



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da0413c9fd1e08fd7bc14914bc8363081fb9d757

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da0413c9fd1e08fd7bc14914bc8363081fb9d757
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to