[Secure-testing-commits] r46999 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 12 18:13:51 UTC 2016
Author: carnil
Date: 2016-12-12 18:13:51 +0000 (Mon, 12 Dec 2016)
New Revision: 46999
Modified:
data/CVE/list
Log:
CVE-2016-9933 assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-12 16:28:49 UTC (rev 46998)
+++ data/CVE/list 2016-12-12 18:13:51 UTC (rev 46999)
@@ -19,13 +19,16 @@
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73331
NOTE: Fixed by: https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-XXXX [imagefilltoborder stackoverflow on truecolor images]
- - php7.0 7.0.13-1
- - php5 <unfixed>
+CVE-2016-9933 [imagefilltoborder stackoverflow on truecolor images]
+ - libgd2 2.2.2-29-g3c2b605-1
+ NOTE: https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e (gd-2.2.2)
+ NOTE: Scope of CVE is only the missing "color < 0" test in older versions.
+ - php7.0 7.0.13-1 (unimportant)
+ - php5 <unfixed> (unimportant)
NOTE: Fixed in PHP 5.6.28, 7.0.13 and 7.1.0
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72696
NOTE: Fixed by: https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/12/12/2
+ NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
CVE-2016-XXXX [AST-2016-008]
- asterisk <not-affected> (Introduced in 13.12.0 but fixed with first version to unstable based on 13.12.1)
NOTE: Vulnerability introduced in 13.12.0, but the first upload to unstable
More information about the Secure-testing-commits
mailing list