[Secure-testing-commits] r45989 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-11-05 10:23:26 +0000 (Sat, 05 Nov 2016)
New Revision: 45989

Modified:
   data/CVE/list
Log:
Add CVE-2016-9190/pillow

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-05 10:20:53 UTC (rev 45988)
+++ data/CVE/list	2016-11-05 10:23:26 UTC (rev 45989)
@@ -3,7 +3,10 @@
 	NOTE: https://git.enlightenment.org/apps/terminology.git/commit/?id=b80bedc7c21ecffe99d8d142930db696eebdd6a5
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/04/12
 CVE-2016-9190 (Pillow before 3.3.2 allows context-dependent attackers to execute ...)
-	TODO: check
+	- pillow 3.4.2-1
+	- python-imaging <removed>
+	NOTE: https://github.com/python-pillow/Pillow/issues/2105
+	NOTE: https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
 CVE-2016-9189 (Pillow before 3.3.2 allows context-dependent attackers to obtain ...)
 	TODO: check
 CVE-2016-9188 (Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before ...)