From 22a4633eed48c93b29cfd1e129f09aac384213c1 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 12 Jun 2021 20:47:35 +0200
Subject: Add two new Apache PDFBox issues

For the 2.x variant it is asserted that they affect 2.0.23 so the
unstable version, no further analysis has been done yet for the 1.x
branch/version.
---
 data/CVE/list | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 12ea386bb6..31d5626f6e 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6653,10 +6653,16 @@ CVE-2021-31814
 	RESERVED
 CVE-2021-31813
 	RESERVED
-CVE-2021-31812
+CVE-2021-31812 [A carefully crafted PDF file can trigger an infinite loop while loading the file]
 	RESERVED
-CVE-2021-31811
+	- libpdfbox2-java <unfixed>
+	- libpdfbox-java <undetermined>
+	NOTE: https://www.openwall.com/lists/oss-security/2021/06/12/1
+CVE-2021-31811 [A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading a tiny file]
 	RESERVED
+	- libpdfbox2-java <unfixed>
+	- libpdfbox-java <undetermined>
+	NOTE: https://www.openwall.com/lists/oss-security/2021/06/12/2
 CVE-2021-31810
 	RESERVED
 CVE-2021-31809
-- 
cgit v1.2.3