[Secure-testing-commits] r38997 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 18 07:57:08 UTC 2016
Author: carnil
Date: 2016-01-18 07:57:08 +0000 (Mon, 18 Jan 2016)
New Revision: 38997
Modified:
data/CVE/list
Log:
Mark librsvg as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-18 06:22:02 UTC (rev 38996)
+++ data/CVE/list 2016-01-18 07:57:08 UTC (rev 38997)
@@ -7893,6 +7893,8 @@
CVE-2015-7558 [Stack exhaustion]
RESERVED
- librsvg 2.40.12-1
+ [jessie] - librsvg <no-dsa> (Too intrusive to backport)
+ [wheezy] - librsvg <no-dsa> (Too intrusive to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268243
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
CVE-2015-7557 [Out-of-bounds heap read in librsvg2 was found when parsing SVG file]
More information about the Secure-testing-commits
mailing list