[Secure-testing-commits] r38114 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Dec 5 07:57:14 UTC 2015
Author: carnil
Date: 2015-12-05 07:57:14 +0000 (Sat, 05 Dec 2015)
New Revision: 38114
Modified:
data/CVE/list
Log:
Add CVE-2015-7472/libpng
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-05 07:44:53 UTC (rev 38113)
+++ data/CVE/list 2015-12-05 07:57:14 UTC (rev 38114)
@@ -917,6 +917,9 @@
NOTE: http://sourceforge.net/p/latex2rtf/code/1152/tree//trunk/funct1.c?diff=50900fed34309d3c639c868f:1151
NOTE: latex2rtf compiled with -D_FORTIFY_SOURCE=2
NOTE: Rendered non-exploitable by toolchain hardening
+CVE-2015-8472 [Incomplete fix for CVE-2015-8126]
+ - libpng <unfixed>
+ NOTE: Fixed in 1.6.20, 1.5.25, 1.4.18, 1.2.55, and 1.0.65
CVE-2015-8126 (Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE ...)
{DSA-3399-1 DLA-343-1}
- libpng 1.2.54-1 (bug #805113)
More information about the Secure-testing-commits
mailing list