[Secure-testing-commits] r41270 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Apr 29 06:34:15 UTC 2016 

Author: jmm
Date: 2016-04-29 06:34:15 +0000 (Fri, 29 Apr 2016)
New Revision: 41270

Modified:
   data/CVE/list
Log:
record fixes for libpng1.6


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-29 06:22:44 UTC (rev 41269)
+++ data/CVE/list	2016-04-29 06:34:15 UTC (rev 41270)
@@ -35707,7 +35707,7 @@
 	NOTE: https://github.com/madler/pigz/commit/fdad1406b3ec809f4954ff7cdf9e99eb18c2458f
 CVE-2015-0973 (Buffer overflow in the png_read_IDAT_data function in pngrutil.c in ...)
 	- libpng <not-affected> (Affects 1.5.x and 1.6.x series)
-	[experimental] - libpng1.6 1.6.16-1 (bug #773823)
+	- libpng1.6 1.6.16-1 (bug #773823)
 	- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
 	- icedove <not-affected> (squeeze used the system libpng, and later versions define their own limits)
 	- texlive-bin 2014.20140926.35254-6 (bug #775673)
@@ -37227,7 +37227,7 @@
 	- texlive-bin 2014.20140926.35254-4 (bug #773824)
 	[squeeze] - texlive-bin <not-affected> (has a copy of libpng 1.2)
 	[wheezy] - texlive-bin <not-affected> (uses system libpng)
-	[experimental] - libpng1.6 1.6.16-1 (bug #773823)
+	- libpng1.6 1.6.16-1 (bug #773823)
 	- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
 	- icedove <not-affected> (squeeze used the system libpng, and later versions define their own limits)
 	NOTE: http://sourceforge.net/p/png-mng/mailman/message/33173461/
@@ -56126,12 +56126,12 @@
 	- libpng <not-affected> (Only affects 1.5 and later)
 	NOTE: http://sourceforge.net/p/png-mng/mailman/message/32215052/
 	NOTE: http://sourceforge.net/p/libpng/bugs/199/
-	NOTE: src:libpng1.6 in experimental fixed in 1.6.10-1
+	- libpng1.6 1.6.10-1
 CVE-2013-7353 (Integer overflow in the png_set_unknown_chunks function in ...)
 	- libpng <not-affected> (Only affects 1.5 and later)
 	NOTE: http://sourceforge.net/p/png-mng/mailman/message/32215052/
 	NOTE: http://sourceforge.net/p/libpng/bugs/199/
-	NOTE: src:libpng1.6 in experimental fixed in 1.6.10-1
+	- libpng1.6 1.6.10-1
 CVE-2013-7352 (Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in ...)
 	NOT-FOR-US: b2evolution
 CVE-2013-7350 (Multiple unspecified vulnerabilities in Check Point Security Gateway ...)
@@ -62864,7 +62864,7 @@
 	NOT-FOR-US: CMS Made Simple
 CVE-2014-0333 (The png_push_read_chunk function in pngpread.c in the progressive ...)
 	- libpng <not-affected> (Only affects libpng 1.6.0 through 1.6.9)
-	NOTE: Filed #740585 for src:libpng1.6 in experimental, fixed in 1.6.10-1
+	- libpng1.6 1.6.10-1
 CVE-2014-0332 (Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL ...)
 	NOT-FOR-US: Dell SonicWALL GMS
 CVE-2014-0331 (Cross-site scripting (XSS) vulnerability in the web administration ...)

More information about the Secure-testing-commits mailing list