[Secure-testing-commits] r41627 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed May 11 04:39:07 UTC 2016


Author: carnil
Date: 2016-05-11 04:39:07 +0000 (Wed, 11 May 2016)
New Revision: 41627

Modified:
   data/CVE/list
Log:
Mark CVE-2016-4347 as no-dsa, following first CVE with same fix upstream

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-11 04:36:45 UTC (rev 41626)
+++ data/CVE/list	2016-05-11 04:39:07 UTC (rev 41627)
@@ -6312,6 +6312,7 @@
 CVE-2016-4347
 	RESERVED
 	- librsvg 2.40.12-1
+	[jessie] - librsvg <no-dsa> (Too intrusive to backport)
 	NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
 CVE-2016-4346 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/standard/string.c]
 	RESERVED




More information about the Secure-testing-commits mailing list