Author: carnil Date: 2016-05-29 18:09:01 +0000 (Sun, 29 May 2016) New Revision: 42127
Modified: data/CVE/list Log: Add new libgd2 issue Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-05-29 17:46:32 UTC (rev 42126) +++ data/CVE/list 2016-05-29 18:09:01 UTC (rev 42127) @@ -1,3 +1,11 @@ +CVE-2016-XXXX [xbm: avoid stack overflow (read) with large names] + - libgd2 2.2.1-1 + NOTE: Fixed by: https://github.com/libgd/libgd/commit/4dc1a2d7931017d3625f2d7cff70a17ce58b53b4 (gd-2.2.0) + NOTE: https://github.com/libgd/libgd/issues/211 + - php5 <unfixed> (unimportant) + NOTE: PHP bug: https://bugs.php.net/bug.php?id=72115 + NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/29/3 CVE-2016-5102 RESERVED CVE-2016-5101 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
