[Secure-testing-commits] r38997 - data/CVE

Salvatore Bonaccorso Sun, 17 Jan 2016 23:58:13 -0800

Author: carnil
Date: 2016-01-18 07:57:08 +0000 (Mon, 18 Jan 2016)
New Revision: 38997


Modified:
   data/CVE/list
Log:
Mark librsvg as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-01-18 06:22:02 UTC (rev 38996)
+++ data/CVE/list       2016-01-18 07:57:08 UTC (rev 38997)
@@ -7893,6 +7893,8 @@
 CVE-2015-7558 [Stack exhaustion]
        RESERVED
        - librsvg 2.40.12-1
+       [jessie] - librsvg <no-dsa> (Too intrusive to backport)
+       [wheezy] - librsvg <no-dsa> (Too intrusive to backport)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268243
        NOTE: 
https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61
 (2.40.12)
 CVE-2015-7557 [Out-of-bounds heap read in librsvg2 was found when parsing SVG 
file]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r38997 - data/CVE

Reply via email to