[Secure-testing-commits] r21817 - data/CVE
Michael Gilbert
mgilbert at alioth.debian.org
Wed Apr 3 03:33:39 UTC 2013
Author: mgilbert
Date: 2013-04-03 03:33:39 +0000 (Wed, 03 Apr 2013)
New Revision: 21817
Modified:
data/CVE/list
Log:
libwebp unfixed in unstable and wasn't shipped with squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-04-03 02:44:18 UTC (rev 21816)
+++ data/CVE/list 2013-04-03 03:33:39 UTC (rev 21817)
@@ -9910,9 +9910,8 @@
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
CVE-2012-5127 (Integer overflow in Google Chrome before 23.0.1271.64 allows remote ...)
- chromium-browser 24.0.1312.68-1
- - libwebp 0.2.1-1 (low)
- [squeeze] - libwebp <no-dsa> (Minor issue)
- [wheezy] - libwebp <no-dsa> (Minor issue)
+ - libwebp <unfixed> (bug #704573)
+ NOTE: fixed in experimental version 0.2.1-1
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=442152
NOTE: Upstream announce: https://groups.google.com/a/webmproject.org/forum/?fromgroups=#!topic/webp-discuss/QTtgi8YfgkE
CVE-2012-5126 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
More information about the Secure-testing-commits
mailing list