[Secure-testing-commits] r42127 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun May 29 18:09:01 UTC 2016
Author: carnil
Date: 2016-05-29 18:09:01 +0000 (Sun, 29 May 2016)
New Revision: 42127
Modified:
data/CVE/list
Log:
Add new libgd2 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-29 17:46:32 UTC (rev 42126)
+++ data/CVE/list 2016-05-29 18:09:01 UTC (rev 42127)
@@ -1,3 +1,11 @@
+CVE-2016-XXXX [xbm: avoid stack overflow (read) with large names]
+ - libgd2 2.2.1-1
+ NOTE: Fixed by: https://github.com/libgd/libgd/commit/4dc1a2d7931017d3625f2d7cff70a17ce58b53b4 (gd-2.2.0)
+ NOTE: https://github.com/libgd/libgd/issues/211
+ - php5 <unfixed> (unimportant)
+ NOTE: PHP bug: https://bugs.php.net/bug.php?id=72115
+ NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/29/3
CVE-2016-5102
RESERVED
CVE-2016-5101
More information about the Secure-testing-commits
mailing list