[Secure-testing-commits] r42756 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jun 23 17:41:41 UTC 2016
Author: carnil
Date: 2016-06-23 17:41:41 +0000 (Thu, 23 Jun 2016)
New Revision: 42756
Modified:
data/CVE/list
Log:
Update CVE-2016-5767/libgd2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-23 17:25:42 UTC (rev 42755)
+++ data/CVE/list 2016-06-23 17:41:41 UTC (rev 42756)
@@ -42,7 +42,9 @@
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72446
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
- - libgd2 <unfixed>
+ - libgd2 2.1.0~alpha1-2
+ NOTE: Fixed by: https://github.com/libgd/libgd/commit/cfee163a5e848fc3e3fb1d05a30d7557cdd36457 (gd-2.1.0-alpha1)
+ TODO: double-check libgd
CVE-2016-5766 [Integer Overflow in _gd2GetHeader() resulting in heap overflow]
- php7.0 <unfixed> (unimportant)
- php5 <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list