[Secure-testing-commits] r42745 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jun 23 16:13:45 UTC 2016
Author: carnil
Date: 2016-06-23 16:13:45 +0000 (Thu, 23 Jun 2016)
New Revision: 42745
Modified:
data/CVE/list
Log:
Add CVE-2016-5767
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-23 16:13:36 UTC (rev 42744)
+++ data/CVE/list 2016-06-23 16:13:45 UTC (rev 42745)
@@ -1,3 +1,11 @@
+CVE-2016-5767 [Integer Overflow in gdImagePaletteToTrueColor() resulting heap overflow]
+ - php7.0 <unfixed> (unimportant)
+ - php5 <unfixed> (unimportant)
+ NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72446
+ NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6
+ - libgd2 <unfixed>
+ TODO: check
CVE-2016-5766 [Integer Overflow in _gd2GetHeader() resulting in heap overflow]
- php7.0 <unfixed> (unimportant)
- php5 <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list