[Secure-testing-commits] r21144 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Mon Feb 4 21:42:00 UTC 2013
Author: carnil
Date: 2013-02-04 21:42:00 +0000 (Mon, 04 Feb 2013)
New Revision: 21144
Modified:
data/CVE/list
Log:
add information that CVE-2012-5127 is also affecting libwebp, fixed in 0.2.1-1 (experimental). Add links to gentoo bug and announce of 0.2.1 release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-04 21:14:51 UTC (rev 21143)
+++ data/CVE/list 2013-02-04 21:42:00 UTC (rev 21144)
@@ -6949,6 +6949,9 @@
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
CVE-2012-5127 (Integer overflow in Google Chrome before 23.0.1271.64 allows remote ...)
- chromium-browser <unfixed>
+ - libwebp 0.2.1-1
+ NOTE: https://bugs.gentoo.org/show_bug.cgi?id=442152
+ NOTE: Upstream announce: https://groups.google.com/a/webmproject.org/forum/?fromgroups=#!topic/webp-discuss/QTtgi8YfgkE
CVE-2012-5126 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
- chromium-browser <unfixed>
CVE-2012-5125 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
More information about the Secure-testing-commits
mailing list