mujs entered the archive, recheck some older CVEs

1 files changed, 6 insertions, 2 deletions

diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index dfd8b00dba..76689c6d14 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -40038,7 +40038,9 @@ CVE-2018-6192 (In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pd
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698916
 	NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?5e411a99604ff6be5db9e273ee84737204113299
 CVE-2018-6191 (The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has a ...)
-	NOT-FOR-US: MuJS
+	- mujs <not-affected> (Fixed before initial upload to Debian)
+	NOTE: http://git.ghostscript.com/?p=mujs.git;a=commit;h=25821e6d74fab5fcc200fe5e818362e03e114428
+	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698920
 CVE-2018-6190 (Netis WF2419 V3.2.41381 devices allow XSS via the Description field on ...)
 	NOT-FOR-US: Netis WF2419 V3.2.41381 devices
 CVE-2018-6198 (w3m through 0.5.3 does not properly handle temporary files when the ~/ ...)
@@ -41511,7 +41513,9 @@ CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was f
 CVE-2018-5760
 	RESERVED
 CVE-2018-5759 (jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the ...)
-	NOT-FOR-US: MuJS
+	- mujs <not-affected> (Fixed before initial upload to Debian)
+	NOTE: http://git.ghostscript.com/?p=mujs.git;a=commit;h=4d45a96e57fbabf00a7378b337d0ddcace6f38c1
+	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698868
 CVE-2018-5758 (The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0. ...)
 	NOT-FOR-US: Aurea Jive Jive-n
 CVE-2018-5757 (An issue was discovered on AudioCodes 450HD IP Phone devices with firm ...)