[Secure-testing-commits] r21957 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Tue Apr 16 10:48:05 UTC 2013


Author: carnil
Date: 2013-04-16 10:48:05 +0000 (Tue, 16 Apr 2013)
New Revision: 21957

Modified:
   data/CVE/list
Log:
add entry for CVE-2013-1953, autotrace (and possibly gimp)

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-04-16 10:42:28 UTC (rev 21956)
+++ data/CVE/list	2013-04-16 10:48:05 UTC (rev 21957)
@@ -1815,8 +1815,14 @@
 	RESERVED
 	- vlc 2.0.6-1 (bug #705136)
 	NOTE: http://www.videolan.org/security/sa1302.html
-CVE-2013-1953
+CVE-2013-1953 [stack-based buffer overflow in bmp parser]
 	RESERVED
+	- autotrace <unfixed>
+	- gimp <undetermined>
+	NOTE: In gimp code introduced with d9c6f88141aecf956c5d721168f795de0e3027b8
+	NOTE: and fixed with 57f805a159874107c6c98065f9aa648c3634b8fd
+	NOTE: https://git.gnome.org/browse/gimp/commit/?h=d9c6f88141aecf956c5d7
+	NOTE: https://git.gnome.org/browse/gimp/commit/?h=57f805a159874107c6c98
 CVE-2013-1952
 	RESERVED
 CVE-2013-1951




More information about the Secure-testing-commits mailing list