[Secure-testing-commits] r41741 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun May 15 12:23:26 UTC 2016
Author: carnil
Date: 2016-05-15 12:23:26 +0000 (Sun, 15 May 2016)
New Revision: 41741
Modified:
data/CVE/list
Log:
Add note for CVE-2016-4347
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-15 08:42:53 UTC (rev 41740)
+++ data/CVE/list 2016-05-15 12:23:26 UTC (rev 41741)
@@ -6832,6 +6832,8 @@
- librsvg 2.40.12-1
[jessie] - librsvg <no-dsa> (Too intrusive to backport)
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
+ NOTE: Gustavo Grieco confirmed that this is probably the same issue as CVE-2015-7558
+ NOTE: Possibly CVE-2016-4347 will/should be rejected or still be used.
CVE-2016-4346 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/standard/string.c]
RESERVED
- php7.0 7.0.4-1
More information about the Secure-testing-commits
mailing list