Author: carnil Date: 2016-01-18 07:57:08 +0000 (Mon, 18 Jan 2016) New Revision: 38997
Modified: data/CVE/list Log: Mark librsvg as no-dsa Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-01-18 06:22:02 UTC (rev 38996) +++ data/CVE/list 2016-01-18 07:57:08 UTC (rev 38997) @@ -7893,6 +7893,8 @@ CVE-2015-7558 [Stack exhaustion] RESERVED - librsvg 2.40.12-1 + [jessie] - librsvg <no-dsa> (Too intrusive to backport) + [wheezy] - librsvg <no-dsa> (Too intrusive to backport) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268243 NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12) CVE-2015-7557 [Out-of-bounds heap read in librsvg2 was found when parsing SVG file] _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits