[Secure-testing-commits] r39587 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Feb 10 17:59:26 UTC 2016
Author: carnil
Date: 2016-02-10 17:59:26 +0000 (Wed, 10 Feb 2016)
New Revision: 39587
Modified:
data/CVE/list
Log:
Expand note for one pillow issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-10 17:59:17 UTC (rev 39586)
+++ data/CVE/list 2016-02-10 17:59:26 UTC (rev 39587)
@@ -141,6 +141,9 @@
- pillow 3.1.1-1
- python-imaging <removed>
NOTE: https://github.com/python-pillow/Pillow/commit/41fae6d9e2da741d2c5464775c7f1a609ea03798
+ NOTE: For jessie the vulnerable code seems to be in libImaging/Antialias.c instead,
+ NOTE: due to upstream commit bc0f896a47d7b2dcd6f9fc1fff88f6a25b248f8a renaming
+ NOTE: Antialias and stretch to resample.
CVE-2016-XXXX [AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data]
- asterisk <unfixed>
[jessie] - asterisk <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list