[Secure-testing-commits] r41341 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun May 1 20:28:08 UTC 2016
Author: jmm
Date: 2016-05-01 20:28:08 +0000 (Sun, 01 May 2016)
New Revision: 41341
Modified:
data/CVE/list
Log:
libpng1.6 fixed
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-01 17:52:41 UTC (rev 41340)
+++ data/CVE/list 2016-05-01 20:28:08 UTC (rev 41341)
@@ -548,19 +548,19 @@
CVE-2016-4066
RESERVED
CVE-2016-4065 (The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2016-4064 (Use-after-free vulnerability in the XFA forms handling functionality ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2016-4063 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2016-4062 (Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2016-4061 (Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2016-4060 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2016-4059 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2016-4074 [Stack exhaustion parsing a JSON file]
RESERVED
- jq <unfixed> (bug #822456)
@@ -14391,6 +14391,7 @@
CVE-2015-8472 (Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, ...)
{DSA-3443-1 DLA-410-1 DLA-375-1}
- libpng <unfixed> (bug #807112)
+ - libpng1.6 1.6.20-1 (bug #807112)
NOTE: Fixed in 1.6.20, 1.5.25, 1.4.18, 1.2.55, and 1.0.65
NOTE: https://github.com/glennrp/libpng/commit/7e1ca9ceba4e64259863efdd98bab9b55bdc0b9c
NOTE: https://github.com/glennrp/libpng/commit/4488a96126bbefda51d07835411d8e847a88b2b7
More information about the Secure-testing-commits
mailing list