https://bugzilla.redhat.com/show_bug.cgi?id=1637492
Cedric Buissart <cbuissar(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018
|1005,reported=20181005,sour |1005,reported=20181005,sour
|ce=oss-security,cvss3=5.5/C |ce=oss-security,cvss3=5.5/C
|VSS:3.0/AV:L/AC:L/PR:N/UI:R |VSS:3.0/AV:L/AC:L/PR:N/UI:R
|/S:U/C:N/I:N/A:H,cwe=CWE-67 |/S:U/C:N/I:N/A:H,cwe=CWE-67
|4,fedora-all/pdfbox=affecte |4,fedora-all/pdfbox=affecte
|d,bpms-6/pdfbox=new,brms-6/ |d,bpms-6/pdfbox=new,brms-6/
|pdfbox=new,fsw-6/pdfbox=new |pdfbox=new,fsw-6/pdfbox=new
|,fuse-6/pdfbox=new,fuse-7/p |,fuse-6/pdfbox=new,fuse-7/p
|dfbox=new,jdv-6/pdfbox=new, |dfbox=new,jdv-6/pdfbox=new,
|rhn_satellite_5/PDFBox=new |rhn_satellite_5/nutch=wontf
| |ix/impact=low
--- Comment #2 from Cedric Buissart <cbuissar(a)redhat.com> ---
Regarding the Satellite 5 product:
Reducing the severity to Low : PDFBox is only used to create PDF. No attack
vector, where an attacker could send a crafted PDF for parsing, have been
found.
--
You are receiving this mail because:
You are on the CC list for the bug.