[Secure-testing-commits] r38454 - data/CVE

Mon Dec 21 15:10:24 UTC 2015

Author: carnil
Date: 2015-12-21 15:10:24 +0000 (Mon, 21 Dec 2015)
New Revision: 38454

Modified:
   data/CVE/list
Log:
Add librsvg issues, left TODO for now

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-12-21 12:24:04 UTC (rev 38453)
+++ data/CVE/list	2015-12-21 15:10:24 UTC (rev 38454)
@@ -4936,10 +4936,16 @@
 	RESERVED
 CVE-2015-7559
 	RESERVED
-CVE-2015-7558
+CVE-2015-7558 [Stack exhaustion]
 	RESERVED
-CVE-2015-7557
+	- librsvg <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268243
+	TODO: check
+CVE-2015-7557 [Out-of-bounds heap read in librsvg2 was found when parsing SVG file]
 	RESERVED
+	- librsvg <unfixed>
+	NOTE: https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df
+	TODO: check
 CVE-2015-7556
 	RESERVED
 CVE-2015-7555


