[Secure-testing-commits] r43454 - data/CVE
Thorsten Alteholz
alteholz at moszumanska.debian.org
Mon Jul 25 13:36:47 UTC 2016
Author: alteholz
Date: 2016-07-25 13:36:47 +0000 (Mon, 25 Jul 2016)
New Revision: 43454
Modified:
data/CVE/list
Log:
mark three libgd2 CVEs as no-das, vulnerable code not present
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-25 13:36:12 UTC (rev 43453)
+++ data/CVE/list 2016-07-25 13:36:47 UTC (rev 43454)
@@ -584,6 +584,7 @@
CVE-2016-XXXX [Out-Of-Bounds Read in function read_image_tga of gd_tga.c]
- libgd2 2.2.2-29-g3c2b605-1
[jessie] - libgd2 2.1.0-5+deb8u4
+ [wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: Workaround entry for DSA-3619-1 until/if CVE is assigned
NOTE: https://github.com/libgd/libgd/issues/248
NOTE: https://github.com/libgd/libgd/pull/251
@@ -614,6 +615,7 @@
RESERVED
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
+ [wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libgd/libgd/issues/247#issuecomment-232084241
NOTE: https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
NOTE: Different issue than CVE-2016-6132
@@ -1375,6 +1377,7 @@
RESERVED
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829694)
+ [wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libgd/libgd/issues/247
NOTE: https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
CVE-2016-6131
More information about the Secure-testing-commits
mailing list