[Secure-testing-commits] r45328 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Oct 15 04:57:56 UTC 2016
Author: carnil
Date: 2016-10-15 04:57:55 +0000 (Sat, 15 Oct 2016)
New Revision: 45328
Modified:
data/CVE/list
Log:
Add temporary entries for two libgd2 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-14 21:10:24 UTC (rev 45327)
+++ data/CVE/list 2016-10-15 04:57:55 UTC (rev 45328)
@@ -1,3 +1,14 @@
+CVE-2016-XXXX [invalid read in gdImageCreateFromTiffPtr()]
+ - libgd2 <unfixed>
+ [jessie] - libgd2 .1.0-5+deb8u7
+ NOTE: Workaround entry for DSA-3693-1 until CVE assigned
+ NOTE: Corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch
+CVE-2016-XXXX [Stack Buffer Overflow in GD dynamicGetbuf]
+ - libgd2 <unfixed>
+ [jessie] - libgd2 .1.0-5+deb8u7
+ NOTE: Workaround entry for DSA-3693-1 until CVE assigned
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280
+ NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
CVE-2016-8665
RESERVED
CVE-2016-8664
More information about the Secure-testing-commits
mailing list