Author: apo Date: 2017-04-17 15:13:58 +0000 (Mon, 17 Apr 2017) New Revision: 50724
Modified: data/CVE/list Log: CVE-2017-7864,freetype: Wheezy is not affected CFF2 support was introduced later (2016-12-15) Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-04-17 12:03:21 UTC (rev 50723) +++ data/CVE/list 2017-04-17 15:13:58 UTC (rev 50724) @@ -73,6 +73,7 @@ NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/2080bc33717955a0e4268e738acf8c1eeddbf8cb CVE-2017-7864 (FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a ...) - freetype <unfixed> (bug #860313) + [wheezy] - freetype <not-affected> (CFF2 support was introduced later) NOTE: Fixed by: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8 NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509 CVE-2017-7863 (FFmpeg before 2017-02-04 has an out-of-bounds write caused by a ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits