[Secure-testing-commits] r38497 - data/CVE

Thorsten Alteholz alteholz at moszumanska.debian.org
Wed Dec 23 15:33:23 UTC 2015


Author: alteholz
Date: 2015-12-23 15:33:23 +0000 (Wed, 23 Dec 2015)
New Revision: 38497

Modified:
   data/CVE/list
Log:
there are further patches needed for Squeeze

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-23 11:21:30 UTC (rev 38496)
+++ data/CVE/list	2015-12-23 15:33:23 UTC (rev 38497)
@@ -3342,7 +3342,6 @@
 CVE-2015-8472 [Incomplete fix for CVE-2015-8126]
 	RESERVED
 	- libpng <unfixed> (bug #807112)
-	[squeeze] - libpng <not-affected> (CVE-2015-8472 was assigned after it was discovered that initial patch was incomplete. libpng as shipped in Squeeze is not affected by this CVE, since we've already applied complete patch to fix the original issue.)
 	NOTE: Fixed in 1.6.20, 1.5.25, 1.4.18, 1.2.55, and 1.0.65
 	NOTE: https://github.com/glennrp/libpng/commit/7e1ca9ceba4e64259863efdd98bab9b55bdc0b9c
 	NOTE: https://github.com/glennrp/libpng/commit/4488a96126bbefda51d07835411d8e847a88b2b7




More information about the Secure-testing-commits mailing list