[Secure-testing-commits] r41346 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 2 05:37:26 UTC 2016
Author: carnil
Date: 2016-05-02 05:37:26 +0000 (Mon, 02 May 2016)
New Revision: 41346
Modified:
data/CVE/list
Log:
Update information for two librsvg issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-02 04:47:16 UTC (rev 41345)
+++ data/CVE/list 2016-05-02 05:37:26 UTC (rev 41346)
@@ -5602,12 +5602,12 @@
NOTE: https://github.com/facebook/hhvm/commit/eae73029336e4d577707cb8a0527f22cb8a4588a
CVE-2016-4348
RESERVED
- - librsvg <unfixed>
- TODO: check affected versions
+ - librsvg 2.40.12-1
+ NOTE: At least 2.40.12 upstream fixed stack-overflow, maybe already earlier
CVE-2016-4347
RESERVED
- - librsvg <unfixed>
- TODO: check affected versions
+ - librsvg 2.40.12-1
+ NOTE: At least 2.40.12 upstream fixed stack-overflow in _rsvg_css_normalize_font_size, maybe already earlier
CVE-2016-4346 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/standard/string.c]
RESERVED
- php7.0 <undetermined>
More information about the Secure-testing-commits
mailing list