[Secure-testing-commits] r25138 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jan 10 03:05:56 UTC 2014


Author: carnil
Date: 2014-01-10 03:05:56 +0000 (Fri, 10 Jan 2014)
New Revision: 25138

Modified:
   data/CVE/list
Log:
Add additional information for graphviz issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-10 02:56:05 UTC (rev 25137)
+++ data/CVE/list	2014-01-10 03:05:56 UTC (rev 25138)
@@ -22,6 +22,8 @@
 CVE-2014-0978 [stack-based buffer overflow in yyerror()]
 	- graphviz <unfixed> (bug #734745)
 	NOTE: https://github.com/ellson/graphviz/commit/7aaddf52cd98589fb0c3ab72a393f8411838438a
+	NOTE: additional commit required: https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
+	NOTE: see: https://bugzilla.redhat.com/show_bug.cgi?id=1049165#c6
 CVE-2014-0977 [XSS]
 	- movabletype-opensource 5.2.9+dfsg-1 (bug #734304)
 CVE-2014-0971




More information about the Secure-testing-commits mailing list