diff options
author | Markus Koschany <apo@debian.org> | 2017-11-18 17:52:46 +0000 |
---|---|---|
committer | Markus Koschany <apo@debian.org> | 2017-11-18 17:52:46 +0000 |
commit | d57fdbb27f841313bf9c009c95eeba7ed990543f (patch) | |
tree | 0bb065a380c5c8b167a9fba47e49567fe864e7eb /doc | |
parent | 356beec5640ea274749df3d5b84a02e0f5532769 (diff) |
CVE-2017-14929,poppler: Mark as ignored for Wheezy
The vulnerability (infinite loop) is not reproducible with the provided POC in
Wheezy. The code looks similar although it differs in function names (drawform
-> doform1) and function parameters. The fix requires an API change. It is not
clear to me whether the package in Wheezy is still affected but following
upstream's fix would require a rebuild of all reverse-dependencies. I'm going
to mark this issue as ignored because it is not clear if the fix is needed and
the current solution is probably too intrusive to backport.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@57786 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'doc')
0 files changed, 0 insertions, 0 deletions