[Git][security-tracker-team/security-tracker][master] "new" pikepdf issue

Moritz Muehlenhoff (@jmm) Thu, 10 Nov 2022 07:53:44 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5352b6ae by Moritz Muehlenhoff at 2022-11-10T16:53:02+01:00
&quot;new&quot; pikepdf issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6447,7 +6447,8 @@ CVE-2022-3662 (A vulnerability was found in Axiomatic 
Bento4. It has been declar
 CVE-2021-46850 (myVesta Control Panel before 0.9.8-26-43 and Vesta Control 
Panel befor ...)
        NOT-FOR-US: myVesta Control Panel
 CVE-2021-46849 (pikepdf before 2.10.0 allows an XXE attack against PDF XMP 
metadata pa ...)
-       TODO: check
+       - pikepdf 3.2.0+dfsg-1
+       NOTE: 
https://github.com/pikepdf/pikepdf/blob/v2.10.0/docs/release_notes.rst#v2100
 CVE-2021-46848 (GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array 
size check ...)
        - libtasn1-6 4.19.0-2
        [bullseye] - libtasn1-6 <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5352b6ae45659b34d616c9cabea83216dd755536

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5352b6ae45659b34d616c9cabea83216dd755536
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] "new" pikepdf issue

Reply via email to