diff options
| author | Neil Williams <codehelp@debian.org> | 2021-08-06 09:41:21 +0100 |
|---|---|---|
| committer | Neil Williams <codehelp@debian.org> | 2021-08-06 09:41:21 +0100 |
| commit | eb9f76f35ead7c9a3b720a5071a0d297a18ef4de (patch) | |
| tree | d6561bdfa3448f41de853e618f09db7589b7b4ac /data/CVE/list.2016 | |
| parent | 2667233a343d7ea710170067b83e8ee32f2c7a99 (diff) | |
Clarify 49c364ab for mupdf
Vulnerable C code exists in the source package but this is neither
compiled nor packaged in stretch. Set <ignored> in preference to
<not-affected>.
Diffstat (limited to 'data/CVE/list.2016')
| -rw-r--r-- | data/CVE/list.2016 | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list.2016 b/data/CVE/list.2016 index 1f83088e66..d0524624ee 100644 --- a/data/CVE/list.2016 +++ b/data/CVE/list.2016 @@ -2116,14 +2116,14 @@ CVE-2016-10248 (The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in Mujstes ...) - mupdf 1.11+ds1-1 (unimportant) [wheezy] - mupdf <not-affected> (Vulnerable code not present) - [stretch] - mupdf <not-affected> (Vulnerable code not present) + [stretch] - mupdf <ignored> (Vulnerable code not packaged or compiled) NOTE: Although jstest_main.c compiled during build and mujstest is created NOTE: it is not included in the produced binary packages NOTE: https://www.openwall.com/lists/oss-security/2016/10/16/19 CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in Mujstest in A ...) - mupdf 1.11+ds1-1 (unimportant) [wheezy] - mupdf <not-affected> (Vulnerable code not present) - [stretch] - mupdf <not-affected> (Vulnerable code not present) + [stretch] - mupdf <ignored> (Vulnerable code not packaged or compiled) NOTE: Although jstest_main.c compiled during build and mujstest is created NOTE: it is not included in the produced binary packages NOTE: https://www.openwall.com/lists/oss-security/2016/10/16/20 |