[Secure-testing-commits] r22478 - in data: . CVE
Raphael Geissert
atomo64-guest at alioth.debian.org
Tue Jun 4 13:45:58 UTC 2013
Author: atomo64-guest
Date: 2013-06-04 13:45:57 +0000 (Tue, 04 Jun 2013)
New Revision: 22478
Modified:
data/CVE/list
data/embedded-code-copies
Log:
libkdraw and darktable embed libraw
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-06-04 13:29:26 UTC (rev 22477)
+++ data/CVE/list 2013-06-04 13:45:57 UTC (rev 22478)
@@ -3669,6 +3669,8 @@
CVE-2013-2127 [libraw: buffer overflow]
RESERVED
- libraw <not-affected> (Only affects 0.15)
+ - libkdcraw <not-affected> (embeds libraw 0.14)
+ - darktable <not-affected> (embeds libraw 0.14)
NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
NOTE: https://github.com/LibRaw/LibRaw/commit/2f912f5b33582961b1cdbd9fd828589f8b78f21d
CVE-2013-2126 [libraw: double-free]
@@ -3676,6 +3678,8 @@
- libraw <unfixed> (low; bug #710353)
[wheezy] - libraw <no-dsa> (Not suitable for code injection, minor issue)
[squeeze] - libraw <not-affected> (Vulnerable code not present)
+ - libkdcraw <unfixed>
+ - darktable <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
NOTE: https://github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6
CVE-2013-2125
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2013-06-04 13:29:26 UTC (rev 22477)
+++ data/embedded-code-copies 2013-06-04 13:45:57 UTC (rev 22478)
@@ -1,4 +1,4 @@
-Embedded code copies
+mbedded code copies
====================
This file collects source packages that embed code from other projects.
@@ -2591,6 +2591,9 @@
darktable
- libraw <unfixed> (modified-embed; bug #682980)
+libraw
+ - libkdcraw <unfixed>
+
mednafen
- lzo2 0.8.D.3-4
[squeeze] - lzo2 <unfixed>
More information about the Secure-testing-commits
mailing list