[Secure-testing-commits] r38227 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Dec 11 16:26:17 UTC 2015


Author: carnil
Date: 2015-12-11 16:26:15 +0000 (Fri, 11 Dec 2015)
New Revision: 38227

Modified:
   data/CVE/list
Log:
CVE-2015-8540/libpng assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-11 16:02:44 UTC (rev 38226)
+++ data/CVE/list	2015-12-11 16:26:15 UTC (rev 38227)
@@ -604,9 +604,11 @@
 	RESERVED
 CVE-2015-8534
 	RESERVED
-CVE-2015-XXXX [underflow read in png_check_keyword in pngwutil.c]
+CVE-2015-8540 [underflow read in png_check_keyword in pngwutil.c]
 	- libpng <unfixed>
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/12/10/6
+	NOTE: http://www.openwall.com/lists/oss-security/2015/12/10/6
+	NOTE: https://sourceforge.net/p/libpng/bugs/244/
+	NOTE: http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/
 	NOTE: Fixed in 1.0.66, 1.2.56, 1.4.19, and 1.5.26
 CVE-2015-XXXX [Pv6 connect causes a denial of service]
 	- linux <unfixed>




More information about the Secure-testing-commits mailing list