[Secure-testing-commits] r44999 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Oct 3 15:10:47 UTC 2016
Author: carnil
Date: 2016-10-03 15:10:47 +0000 (Mon, 03 Oct 2016)
New Revision: 44999
Modified:
data/CVE/list
Log:
Add source package information for CVE-2016-7568/libgd2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-03 15:02:21 UTC (rev 44998)
+++ data/CVE/list 2016-10-03 15:10:47 UTC (rev 44999)
@@ -2397,7 +2397,13 @@
- golang-github-appc-docker2aci <unfixed> (bug #839282)
NOTE: https://github.com/appc/docker2aci/issues/201
CVE-2016-7568 (Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD ...)
- TODO: check
+ - libgd2 <unfixed>
+ NOTE: libgd bug: https://github.com/libgd/libgd/issues/308
+ NOTE: Fixed by: https://github.com/libgd/libgd/commit/40bec0f38f50e8510f5bb71a82f516d46facde03
+ - php7.0 <unfixed> (unimportant)
+ - php5 <unfixed> (unimportant)
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73003
+ NOTE: https://github.com/php/php-src/commit/c18263e0e0769faee96a5d0ee04b750c442783c6
CVE-2016-7567
RESERVED
- openslp-dfsg <not-affected> (Only affects openslp 2)
More information about the Secure-testing-commits
mailing list