[Secure-testing-commits] r50651 - data/CVE

Salvatore Bonaccorso Fri, 14 Apr 2017 02:58:27 -0700

Author: carnil
Date: 2017-04-14 09:57:29 +0000 (Fri, 14 Apr 2017)
New Revision: 50651


Modified:
   data/CVE/list
Log:
Add CVE-2017-7858/freetype

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-04-14 09:55:51 UTC (rev 50650)
+++ data/CVE/list       2017-04-14 09:57:29 UTC (rev 50651)
@@ -28,7 +28,10 @@
 CVE-2017-7859 (FFmpeg before 2017-03-05 has an out-of-bounds write caused by a 
...)
        TODO: check
 CVE-2017-7858 (FreeType 2 before 2017-03-07 has an out-of-bounds write related 
to the ...)
-       TODO: check
+       - freetype <not-affected> (Vulnerable code introduced in 2.6.4)
+       NOTE: Introduced after: 
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d
+       NOTE: Fixed by: 
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e
+       NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738
 CVE-2017-7857 (FreeType 2 before 2017-03-08 has an out-of-bounds write caused 
by a ...)
        - freetype <not-affected> (Vulnerable code introduced in 2.6.4)
        NOTE: Introduced after: 
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r50651 - data/CVE

Reply via email to