[Secure-testing-commits] r36589 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-09-11 04:43:03 +0000 (Fri, 11 Sep 2015)
New Revision: 36589

Modified:
   data/CVE/list
Log:
add two freetype issues without CVE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-10 20:10:53 UTC (rev 36588)
+++ data/CVE/list	2015-09-11 04:43:03 UTC (rev 36589)
@@ -5,6 +5,14 @@
 	NOTE: http://sourceforge.net/p/aufs/mailman/message/34449209/
 	NOTE: For Linux kernel with aufs aufs3-mmap.patch or aufs4-mmap.patch mmap patch
 	TODO: check
+CVE-2014-XXXX [ infinite loop in parse_encoding (t1load.c)]
+	- freetype <unfixed>
+	NOTE: https://launchpad.net/bugs/1492124
+	NOTE: http://www.ubuntu.com/usn/usn-2739-1/
+CVE-2014-XXXX [use of uninitialized data]
+	- freetype <unfixed>
+	NOTE: https://launchpad.net/bugs/1449225
+	NOTE: http://www.ubuntu.com/usn/usn-2739-1/
 CVE-2015-6855 [commands which are illegal to sent to an ATAPI device should be rejected]
 	- qemu <unfixed>
 	- qemu-kvm <removed>