[Secure-testing-commits] r58366 - data/CVE

Salvatore Bonaccorso Fri, 08 Dec 2017 09:54:12 -0800

Author: carnil
Date: 2017-12-08 17:53:42 +0000 (Fri, 08 Dec 2017)
New Revision: 58366


Modified:
   data/CVE/list
Log:
Two optipng issues fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-12-08 16:36:08 UTC (rev 58365)
+++ data/CVE/list       2017-12-08 17:53:42 UTC (rev 58366)
@@ -3771,7 +3771,7 @@
        NOTE: Fixed by: 
https://git.kernel.org/linus/1137b5e2529a8f5ca8ee709288ecba3e68044df2
 CVE-2017-16938 (A global buffer overflow in OptiPNG 0.7.6 allows remote 
attackers to ...)
        {DLA-1196-1}
-       - optipng <unfixed> (bug #878839)
+       - optipng 0.7.6-1.1 (bug #878839)
        NOTE: https://sourceforge.net/p/optipng/bugs/69/
 CVE-2017-16937
        RESERVED
@@ -4159,7 +4159,7 @@
        NOTE: 
https://git.nlnetlabs.nl/ldns/commit/?id=c8391790c96d4c8a2c10f9ab1460fda83b509fc2
 CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of 
optipng 0.7.6 ...)
        {DLA-1184-1}
-       - optipng <unfixed> (bug #882032)
+       - optipng 0.7.6-1.1 (bug #882032)
        NOTE: https://sourceforge.net/p/optipng/bugs/65/
        NOTE: Proposed patch: 
https://sourceforge.net/p/optipng/bugs/_discuss/thread/2a56b3aa/f6bb/attachment/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch
 CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote 
code ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r58366 - data/CVE

Reply via email to