[Secure-testing-commits] r57701 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2017-11-17 09:21:32 +0000 (Fri, 17 Nov 2017)
New Revision: 57701

Modified:
   data/CVE/list
Log:
new optipng issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-17 09:20:46 UTC (rev 57700)
+++ data/CVE/list       2017-11-17 09:21:32 UTC (rev 57701)
@@ -40,7 +40,8 @@
        - ldns <unfixed>
        NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
 CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of 
optipng 0.7.6 ...)
-       TODO: check
+       - optipng <unfixed>
+       NOTE: https://sourceforge.net/p/optipng/bugs/65/
 CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote 
code ...)
        NOT-FOR-US: nodejs ejs
 CVE-2017-1000226 (Stop User Enumeration 1.3.8 allows user enumeration via the 
REST API ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits