[Secure-testing-commits] r28146 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 8 18:32:03 UTC 2014
Author: carnil
Date: 2014-08-08 18:32:03 +0000 (Fri, 08 Aug 2014)
New Revision: 28146
Modified:
data/CVE/list
Log:
Add fixed version for freetype issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-08 10:45:03 UTC (rev 28145)
+++ data/CVE/list 2014-08-08 18:32:03 UTC (rev 28146)
@@ -7334,13 +7334,13 @@
CVE-2014-2246 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
NOT-FOR-US: Siemens
CVE-2014-2241 (The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer ...)
- - freetype <unfixed> (bug #741299)
+ - freetype 2.5.2-1.1 (bug #741299)
[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
NOTE: http://sourceforge.net/projects/freetype/files/freetype2/2.5.3/
NOTE: https://savannah.nongnu.org/bugs/?41697#comment2 if I understood it right
CVE-2014-2240 (Stack-based buffer overflow in the cf2_hintmap_build function in ...)
- - freetype <unfixed> (bug #741299)
+ - freetype 2.5.2-1.1 (bug #741299)
[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
NOTE: http://sourceforge.net/projects/freetype/files/freetype2/2.5.3/
More information about the Secure-testing-commits
mailing list