[Secure-testing-commits] r47160 - data
Antoine Beaupré
anarcat at moszumanska.debian.org
Sat Dec 17 01:12:43 UTC 2016
Author: anarcat
Date: 2016-12-17 01:12:43 +0000 (Sat, 17 Dec 2016)
New Revision: 47160
Modified:
data/dla-needed.txt
Log:
Summary: consider waiting for more issues in graphicsmagick
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-12-17 01:10:31 UTC (rev 47159)
+++ data/dla-needed.txt 2016-12-17 01:12:43 UTC (rev 47160)
@@ -16,6 +16,7 @@
NOTE: Jessie has almost identical code. Looks hard to exploit but worth fixing.
--
graphicsmagick
+ NOTE: seems only a single memory/CPU DOS at this point, maybe wait for more issues?
NOTE: DLA-547-1 also did not fix CVE-2016-5240 so should be included in next upload.
NOTE: Incomplete/Incorrect fix as per https://lists.debian.org/debian-lts/2016/12/msg00077.html
NOTE: Subject of announce mail also contained typo (DLA-574-1 vs. DLA-547-1)
More information about the Secure-testing-commits
mailing list