[Secure-testing-commits] r39534 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Feb 7 20:01:56 UTC 2016
Author: carnil
Date: 2016-02-07 20:01:56 +0000 (Sun, 07 Feb 2016)
New Revision: 39534
Modified:
data/CVE/list
Log:
Add tcpdf issue, #814030
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-07 20:01:45 UTC (rev 39533)
+++ data/CVE/list 2016-02-07 20:01:56 UTC (rev 39534)
@@ -1,3 +1,8 @@
+CVE-2014-XXXX [LFI posting internal files externally abusing default parameter]
+ - tcpdf <unfixed> (bug #814030)
+ NOTE: https://sourceforge.net/p/tcpdf/bugs/1005/ (not public)
+ NOTE: According to upstream fixed in 6.2.0, but not details available
+ TODO: check
CVE-2015-8808 [out-of-bound read in the parsing of gif files]
- graphicsmagick <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/1
More information about the Secure-testing-commits
mailing list