[Secure-testing-commits] r38497 - data/CVE
Thorsten Alteholz
alteholz at moszumanska.debian.org
Wed Dec 23 15:33:23 UTC 2015
Author: alteholz
Date: 2015-12-23 15:33:23 +0000 (Wed, 23 Dec 2015)
New Revision: 38497
Modified:
data/CVE/list
Log:
there are further patches needed for Squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-23 11:21:30 UTC (rev 38496)
+++ data/CVE/list 2015-12-23 15:33:23 UTC (rev 38497)
@@ -3342,7 +3342,6 @@
CVE-2015-8472 [Incomplete fix for CVE-2015-8126]
RESERVED
- libpng <unfixed> (bug #807112)
- [squeeze] - libpng <not-affected> (CVE-2015-8472 was assigned after it was discovered that initial patch was incomplete. libpng as shipped in Squeeze is not affected by this CVE, since we've already applied complete patch to fix the original issue.)
NOTE: Fixed in 1.6.20, 1.5.25, 1.4.18, 1.2.55, and 1.0.65
NOTE: https://github.com/glennrp/libpng/commit/7e1ca9ceba4e64259863efdd98bab9b55bdc0b9c
NOTE: https://github.com/glennrp/libpng/commit/4488a96126bbefda51d07835411d8e847a88b2b7
More information about the Secure-testing-commits
mailing list