diff options
author | Neil Williams <codehelp@debian.org> | 2021-08-06 09:41:21 +0100 |
---|---|---|
committer | Neil Williams <codehelp@debian.org> | 2021-08-06 09:41:21 +0100 |
commit | eb9f76f35ead7c9a3b720a5071a0d297a18ef4de (patch) | |
tree | d6561bdfa3448f41de853e618f09db7589b7b4ac /data/CVE/list.2017 | |
parent | 2667233a343d7ea710170067b83e8ee32f2c7a99 (diff) |
Clarify 49c364ab for mupdf
Vulnerable C code exists in the source package but this is neither
compiled nor packaged in stretch. Set <ignored> in preference to
<not-affected>.
Diffstat (limited to 'data/CVE/list.2017')
-rw-r--r-- | data/CVE/list.2017 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017 index 207e7aac6e..2b7ed5eb00 100644 --- a/data/CVE/list.2017 +++ b/data/CVE/list.2017 @@ -37212,7 +37212,7 @@ CVE-2017-6061 (Cross-site scripting (XSS) vulnerability in the help component of CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in Artifex So ...) - mupdf 1.12.0+ds1-1 (unimportant) [wheezy] - mupdf <not-affected> (Vulnerable code not present) - [stretch] - mupdf <not-affected> (Vulnerable code not present) + [stretch] - mupdf <ignored> (Vulnerable code not packaged or compiled) NOTE: Although jstest_main.c compiled during build and mujstest is created NOTE: it is not included in the produced binary packages NOTE: https://www.openwall.com/lists/oss-security/2017/02/18/1 |