[Secure-testing-commits] r31499 - data/CVE

Raphael Geissert geissert at moszumanska.debian.org
Sun Jan 18 12:33:58 UTC 2015


Author: geissert
Date: 2015-01-18 12:33:58 +0000 (Sun, 18 Jan 2015)
New Revision: 31499

Modified:
   data/CVE/list
Log:
iceweasel/icedove not affected by libpng issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-18 12:23:51 UTC (rev 31498)
+++ data/CVE/list	2015-01-18 12:33:58 UTC (rev 31499)
@@ -811,10 +811,8 @@
 	RESERVED
 	- libpng <not-affected> (Affects 1.5.x and 1.6.x series)
 	[experimental] - libpng1.6 <unfixed> (bug #773823)
-	- iceweasel <unfixed>
-	- icedove <unfixed>
-	[squeeze] - iceweasel <not-affected> (uses the system libpng)
-	[squeeze] - icedove <not-affected> (uses the system libpng)
+	- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
+	- icedove <not-affected> (squeeze used the system libpng, and later versions define their own limits)
 	- texlive-bin <unfixed>
 	[squeeze] - texlive-bin <not-affected> (has a copy of libpng 1.2)
 	[wheezy] - texlive-bin <not-affected> (uses system libpng)
@@ -2127,10 +2125,8 @@
 	[squeeze] - texlive-bin <not-affected> (has a copy of libpng 1.2)
 	[wheezy] - texlive-bin <not-affected> (uses system libpng)
 	[experimental] - libpng1.6 <unfixed> (bug #773823)
-	- iceweasel <unfixed>
-	- icedove <unfixed>
-	[squeeze] - iceweasel <not-affected> (uses the system libpng)
-	[squeeze] - icedove <not-affected> (uses the system libpng)
+	- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
+	- icedove <not-affected> (squeeze used the system libpng, and later versions define their own limits)
 	NOTE: http://sourceforge.net/p/png-mng/mailman/message/33173461/
 CVE-2014-9465
 	RESERVED




More information about the Secure-testing-commits mailing list