[Secure-testing-commits] r47587 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 30 20:23:47 UTC 2016
Author: carnil
Date: 2016-12-30 20:23:47 +0000 (Fri, 30 Dec 2016)
New Revision: 47587
Modified:
data/CVE/list
Log:
Mark the unfixed item as removed, since libpng was removed a while back
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-30 20:21:54 UTC (rev 47586)
+++ data/CVE/list 2016-12-30 20:23:47 UTC (rev 47587)
@@ -42143,7 +42143,7 @@
RESERVED
CVE-2015-8540 (Integer underflow in the png_check_keyword function in pngwutil.c in ...)
{DSA-3443-1 DLA-375-1}
- - libpng <unfixed> (bug #807694)
+ - libpng <removed> (bug #807694)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/10/6
NOTE: https://sourceforge.net/p/libpng/bugs/244/
NOTE: http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/
@@ -44242,7 +44242,7 @@
NOTE: Rendered non-exploitable by toolchain hardening
CVE-2015-8472 (Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, ...)
{DSA-3443-1 DLA-410-1 DLA-375-1}
- - libpng <unfixed> (bug #807112)
+ - libpng <removed> (bug #807112)
- libpng1.6 1.6.20-1 (bug #807112)
NOTE: Fixed in 1.6.20, 1.5.25, 1.4.18, 1.2.55, and 1.0.65
NOTE: https://github.com/glennrp/libpng/commit/7e1ca9ceba4e64259863efdd98bab9b55bdc0b9c
More information about the Secure-testing-commits
mailing list