From 3aafa19a344c178c97e97998e5bf7a5109358592 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 10 Jan 2021 08:25:56 +0100
Subject: Track experimental fix for CVE-2018-11255/libpodofo

Remove reference to r1952 revision. As discussed upstream it was only
found that after r1952 the issue is not present anymore but not
pinpointed to this revision for fix.
---
 data/CVE/2018.list | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'data/CVE/2018.list')

diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 0da75aad89..509624843c 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -26626,6 +26626,7 @@ CVE-2018-11256 (An issue was discovered in PoDoFo 0.9.5. The function PdfDocumen
 	NOTE: https://sourceforge.net/p/podofo/tickets/21
 	NOTE: https://sourceforge.net/p/podofo/code/1938
 CVE-2018-11255 (An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPage ...)
+	[experimental] - libpodofo 0.9.7+dfsg-1
 	- libpodofo <unfixed> (low; bug #916584)
 	[buster] - libpodofo <no-dsa> (Minor issue)
 	[stretch] - libpodofo <no-dsa> (Minor issue)
@@ -26633,7 +26634,6 @@ CVE-2018-11255 (An issue was discovered in PoDoFo 0.9.5. The function PdfPage::G
 	[wheezy] - libpodofo <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575502
 	NOTE: https://sourceforge.net/p/podofo/tickets/20
-	NOTE: https://sourceforge.net/p/podofo/code/1952 (this commit doesn't fix the crash)
 CVE-2018-11254 (An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursi ...)
 	- libpodofo 0.9.6+dfsg-4 (low; bug #916585)
 	[stretch] - libpodofo <no-dsa> (Minor issue)
-- 
cgit v1.2.3