[Secure-testing-commits] r9781 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Tue Sep 9 12:27:50 UTC 2008
Author: white
Date: 2008-09-09 12:27:48 +0000 (Tue, 09 Sep 2008)
New Revision: 9781
Modified:
data/CVE/list
Log:
one off-by-one error in libpng affects the debian versions
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-09 11:58:08 UTC (rev 9780)
+++ data/CVE/list 2008-09-09 12:27:48 UTC (rev 9781)
@@ -1,3 +1,12 @@
+begin claimed by white
+CVE-2008-XXXX [libpng off-by-one error]
+ - libpng <unfixed>
+ NOTE: CVE id requested
+ NOTE: off-by-one error in pngpread.c is not present, must have
+ NOTE: been introduced later, but I think pngtest.c is affected
+ TODO: check that 1.2.32 is not uploaded, as it also includes
+ TODO: the off-by-one error in pngpread.c
+end claimed by white
CVE-2008-XXXX [multiple heap based overflows in xine-lib]
- xine-lib <unfixed> (medium; bug #498243)
NOTE: CVE ids requested
More information about the Secure-testing-commits
mailing list