mujs entered the archive, recheck some older CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-02-18 21:57:52 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-02-18 21:57:52 +0100
commit: 0fc07d6e6c6f04c4a92894c69cbbbe70ae5a0058 (patch)
tree: 345d5405c4e720c945fdea914020fe24f7b478a4 /data/CVE/2017.list
parent: c1e7cf1e8a2cef9452d494e314b159ab3a5e16eb (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index a1fac96a2a..5205dc5ec8 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -38593,9 +38593,13 @@ CVE-2017-5899 (Directory traversal vulnerability in the setuid root helper binar
 	NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f2699449b66dd702a98925bd1b11153a6f7294bf
 	NOTE: https://www.openwall.com/lists/oss-security/2017/01/27/7
 CVE-2017-5628 (An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10 ...)
-	NOT-FOR-US: MuJS
+	- mujs <not-affected> (Fixed before initial upload to Debian)
+	NOTE: http://git.ghostscript.com/?p=mujs.git;h=8f62ea10a0af68e56d5c00720523ebcba13c2e6a
+	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697496
 CVE-2017-5627 (An issue was discovered in Artifex Software, Inc. MuJS before 4006739a ...)
-	NOT-FOR-US: MuJS
+	- mujs <not-affected> (Fixed before initial upload to Debian)
+	NOTE: http://git.ghostscript.com/?p=mujs.git;h=4006739a28367c708dea19aeb19b8a1a9326ce08
+	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697497
 CVE-2017-5617 (The SVG Salamander (aka svgSalamander) library, when used in a web app ...)
 	{DSA-3781-1 DLA-816-1}
 	- svgsalamander 1.1.1+dfsg-2 (bug #853134)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-02-18 21:57:52 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-02-18 21:57:52 +0100
commit	0fc07d6e6c6f04c4a92894c69cbbbe70ae5a0058 (patch)
tree	345d5405c4e720c945fdea914020fe24f7b478a4 /data/CVE/2017.list
parent	c1e7cf1e8a2cef9452d494e314b159ab3a5e16eb (diff)