[Secure-testing-commits] r26040 - data/CVE

Mon Mar 10 15:47:15 UTC 2014

Author: atomo64-guest
Date: 2014-03-10 15:47:15 +0000 (Mon, 10 Mar 2014)
New Revision: 26040

Modified:
   data/CVE/list
Log:
some additional notes for freetype issues


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-03-10 15:25:44 UTC (rev 26039)
+++ data/CVE/list	2014-03-10 15:47:15 UTC (rev 26040)
@@ -163,12 +163,16 @@
 CVE-2014-2241
 	RESERVED
 	- freetype <unfixed>
+	[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
+	[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
 	TODO: check
 	NOTE: http://sourceforge.net/projects/freetype/files/freetype2/2.5.3/
 	NOTE: https://savannah.nongnu.org/bugs/?41697#comment2 if I understood it right
 CVE-2014-2240
 	RESERVED
 	- freetype <unfixed>
+	[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
+	[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
 	TODO: check
 	NOTE: http://sourceforge.net/projects/freetype/files/freetype2/2.5.3/
 	NOTE: https://savannah.nongnu.org/bugs/?41697#comment0


