[Secure-testing-commits] r35173 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jun 26 12:02:35 UTC 2015


Author: carnil
Date: 2015-06-26 12:02:35 +0000 (Fri, 26 Jun 2015)
New Revision: 35173

Modified:
   data/CVE/list
Log:
Rearrange items for CVE-2015-1258

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-26 11:47:54 UTC (rev 35172)
+++ data/CVE/list	2015-06-26 12:02:35 UTC (rev 35173)
@@ -10586,12 +10586,13 @@
 	[squeeze] - chromium-browser <end-of-life>
 CVE-2015-1258 (Google Chrome before 43.0.2357.65 relies on libvpx code that was not ...)
 	{DSA-3267-1}
-	- libvpx 1.4.0-4
-	NOTE: 1.4.0-4 adds the workaround to configure with --size-limit=16384x16384
 	- chromium-browser 43.0.2357.65-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
+	- libvpx 1.4.0-4
 	[squeeze] - libvpx <not-affected> (vp9 code not present in 0.9.1)
+	NOTE: 1.4.0-4 adds the workaround to configure with --size-limit=16384x16384
+	NOTE: https://github.com/webmproject/libvpx/commit/943e43273b0a7369d07714e7fd2e19fecfb11c7c
 CVE-2015-1257 (platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation ...)
 	{DSA-3267-1}
 	- chromium-browser 43.0.2357.65-1




More information about the Secure-testing-commits mailing list