[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5686/mupdf

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fb2c688b by Salvatore Bonaccorso at 2018-01-14T11:19:21+01:00
Add CVE-2018-5686/mupdf

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -23,7 +23,12 @@ CVE-2018-5688
 CVE-2018-5687 (NewsBee allows XSS via the Company Name field in the Settings 
under ...)
        TODO: check
 CVE-2018-5686 (In MuPDF 1.12.0, there is an infinite loop vulnerability and 
...)
-       TODO: check
+       - mupdf <unfixed>
+       [stretch] - mupdf <no-dsa> (Minor issue)
+       [jessie] - mupdf <no-dsa> (Minor issue)
+       NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698860
+       NOTE: pdf_parse_array function in source/pdf/pdf-parse.c does not 
consider
+       NOTE: EOF.
 CVE-2018-5685 (In GraphicsMagick 1.3.27, there is an infinite loop and 
application ...)
        - graphicsmagick <unfixed>
        NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52a91ddb1aa6



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb2c688b52e99d6e6e4710a499ce61ae217b7729

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb2c688b52e99d6e6e4710a499ce61ae217b7729
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits