Bug#933636: CVE-2019-14934

To: 933636@bugs.debian.org, 933637@bugs.debian.org
Subject: Bug#933636: CVE-2019-14934
From: Francois Marier <francois@debian.org>
Date: Tue, 13 Aug 2019 23:29:55 -0700
Message-id: <[🔎] 20190814062955.GD29207@akranes.dyn.fmarier.org>
Reply-to: Francois Marier <francois@debian.org>, 933636@bugs.debian.org
References: <[🔎] 20190801085401.GA23159@akranes.dyn.fmarier.org>

There is now an additional CVE that affects pdfresurrect in buster and
stretch:

  https://security-tracker.debian.org/tracker/CVE-2019-14934

Neither this one or CVE-2019-14267 are deemed worthy of a DSA however.

If you approve the first upload I have prepared for buster and stretch, I
will revise it to include the fix for this second CVE, but I will wait for
your initial approval before putting any more work into this.

Francois

-- 
https://fmarier.org/

Reply to:

Follow-Ups:
- Bug#933636: CVE-2019-14934
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#933636: CVE-2019-14934
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#933636: stretch-pu: package pdfresurrect/0.12-6
  - From: Francois Marier <francois@debian.org>

Prev by Date: Bug#934725: nmu: golang-github-google-pprof_0.0~git20190109.e84dfd6-1
Next by Date: Bug#933636: CVE-2019-14934
Previous by thread: Bug#933636: stretch-pu: package pdfresurrect/0.12-6
Next by thread: Bug#933636: CVE-2019-14934
Index(es):
- Date
- Thread