[Secure-testing-commits] r47369 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 23 05:44:28 UTC 2016
Author: carnil
Date: 2016-12-23 05:44:28 +0000 (Fri, 23 Dec 2016)
New Revision: 47369
Modified:
data/CVE/list
Log:
CVE-2016-6352 fixed in 2.35.4-1 already
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-23 05:36:47 UTC (rev 47368)
+++ data/CVE/list 2016-12-23 05:44:28 UTC (rev 47369)
@@ -20113,11 +20113,12 @@
NOTE: followed by: https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03
NOTE: http://www.openwall.com/lists/oss-security/2016/07/12/4
CVE-2016-6352 (The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows ...)
- - gdk-pixbuf <unfixed> (bug #832496)
+ - gdk-pixbuf 2.35.4-1 (bug #832496)
[jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed along in a future DSA)
[wheezy] - gdk-pixbuf <not-affected> (Fails with ENOMEM, no crash)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/11
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769170
+ NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=88af50a864195da1a4f7bda5f02539704fbda599
CVE-2016-6224 (ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap ...)
- ecryptfs-utils <not-affected> (Broken code not present; incomplete fix for CVE-2015-8946 not applied)
NOTE: Actually due to an incomplete fix of LP#1447282
More information about the Secure-testing-commits
mailing list