[Secure-testing-commits] r43224 - in data: . CVE DSA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jul 15 15:22:42 UTC 2016
Author: carnil
Date: 2016-07-15 15:22:42 +0000 (Fri, 15 Jul 2016)
New Revision: 43224
Modified:
data/CVE/list
data/DSA/list
data/dsa-needed.txt
Log:
Reserve DSA number for libgd2 update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-15 15:06:37 UTC (rev 43223)
+++ data/CVE/list 2016-07-15 15:22:42 UTC (rev 43224)
@@ -92,6 +92,8 @@
RESERVED
CVE-2016-XXXX [Out-Of-Bounds Read in function read_image_tga of gd_tga.c]
- libgd2 2.2.2-29-g3c2b605-1
+ [jessie] - libgd2 2.1.0-5+deb8u4
+ NOTE: Workaround entry for DSA-3619-1 until/if CVE is assigned
NOTE: https://github.com/libgd/libgd/issues/248
NOTE: https://github.com/libgd/libgd/pull/251
NOTE: https://github.com/libgd/libgd/commit/5a3f19e962b507560c9206965087db4dc0ad107f
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2016-07-15 15:06:37 UTC (rev 43223)
+++ data/DSA/list 2016-07-15 15:22:42 UTC (rev 43224)
@@ -1,3 +1,6 @@
+[15 Jul 2016] DSA-3619-1 libgd2 - security update
+ {CVE-2016-5116 CVE-2016-5766 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161 CVE-2016-6214}
+ [jessie] - libgd2 2.1.0-5+deb8u4
[14 Jul 2016] DSA-3618-1 php5 - security update
{CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773}
[jessie] - php5 5.6.23+dfsg-0+deb8u1
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2016-07-15 15:06:37 UTC (rev 43223)
+++ data/dsa-needed.txt 2016-07-15 15:22:42 UTC (rev 43224)
@@ -25,9 +25,6 @@
<URL: http://anonscm.debian.org/cgit/collab-maint/libarchive.git/log/?h=debian-jessie >
Some more CVEs needs to be triaged to conclude Petter's work.
--
-libgd2
- NOTE: maintainer prepared debdiff, needs review and ack
---
libical
--
linux
More information about the Secure-testing-commits
mailing list