Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fb2c688b by Salvatore Bonaccorso at 2018-01-14T11:19:21+01:00 Add CVE-2018-5686/mupdf - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -23,7 +23,12 @@ CVE-2018-5688 CVE-2018-5687 (NewsBee allows XSS via the Company Name field in the Settings under ...) TODO: check CVE-2018-5686 (In MuPDF 1.12.0, there is an infinite loop vulnerability and ...) - TODO: check + - mupdf <unfixed> + [stretch] - mupdf <no-dsa> (Minor issue) + [jessie] - mupdf <no-dsa> (Minor issue) + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698860 + NOTE: pdf_parse_array function in source/pdf/pdf-parse.c does not consider + NOTE: EOF. CVE-2018-5685 (In GraphicsMagick 1.3.27, there is an infinite loop and application ...) - graphicsmagick <unfixed> NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52a91ddb1aa6 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb2c688b52e99d6e6e4710a499ce61ae217b7729 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb2c688b52e99d6e6e4710a499ce61ae217b7729 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits