[Secure-testing-commits] r40834 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 9 13:58:11 UTC 2016
Author: carnil
Date: 2016-04-09 13:58:11 +0000 (Sat, 09 Apr 2016)
New Revision: 40834
Modified:
data/CVE/list
Log:
Update CVE-2016-3977, add bug reference and mark as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-09 12:02:13 UTC (rev 40833)
+++ data/CVE/list 2016-04-09 13:58:11 UTC (rev 40834)
@@ -42,7 +42,9 @@
NOTE: https://sourceforge.net/p/optipng/bugs/56/
CVE-2016-3977 [gif2rgb: heap buffer overflow]
RESERVED
- - giflib <unfixed>
+ - giflib <unfixed> (bug #820526)
+ [jessie] - giflib <no-dsa> (Minor issue)
+ [wheezy] - giflib <no-dsa> (minor issue)
NOTE: https://sourceforge.net/p/giflib/bugs/87/
NOTE: https://sourceforge.net/p/giflib/code/ci/ea8dbc5786862a3e16a5acfa3d24e2c2f608cd88/
CVE-2016-3969 (Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) ...)
More information about the Secure-testing-commits
mailing list