[Secure-testing-commits] r45341 - in data: CVE DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Oct 15 18:05:34 UTC 2016


Author: carnil
Date: 2016-10-15 18:05:34 +0000 (Sat, 15 Oct 2016)
New Revision: 45341

Modified:
   data/CVE/list
   data/DSA/list
Log:
CVE-2016-8670/libgd2 assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-15 18:03:40 UTC (rev 45340)
+++ data/CVE/list	2016-10-15 18:05:34 UTC (rev 45341)
@@ -1,13 +1,12 @@
 CVE-2016-6911 [invalid read in gdImageCreateFromTiffPtr()]
 	- libgd2 <unfixed> (bug #840806)
 	NOTE: Corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch
-CVE-2016-XXXX [Stack Buffer Overflow in GD dynamicGetbuf]
+CVE-2016-8670 [Stack Buffer Overflow in GD dynamicGetbuf]
 	- libgd2 <unfixed> (bug #840805)
-	[jessie] - libgd2 2.1.0-5+deb8u7
 	NOTE: Workaround entry for DSA-3693-1 until CVE assigned
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280
 	NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/15/1
+	NOTE: http://www.openwall.com/lists/oss-security/2016/10/15/1
 CVE-2016-8671 [Incomplete fix for CVE-2016-6887]
 	- matrixssl <not-affected> (Incomplete fix for CVE-2016-6887 not applied)
 CVE-2016-8669 [char: divide by zero error in serial_update_parameters]
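Review bot: The context line "NOTE: Workaround entry for DSA-3693-1 until CVE assigned" under the renamed CVE-2016-8670 entry is stale now that the identifier has been assigned, and should be removed in the same change. This hunk already drops the "CVE Request:" prefix from the oss-security link for the same reason. The removed "[jessie] - libgd2 2.1.0-5+deb8u7" line is only safe to drop because data/DSA/list carries that version under DSA-3693-1, so the two files have to be kept in step. The new entry also sits above CVE-2016-8671 while CVE-2016-8669 follows it, so check whether it belongs between those two.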

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2016-10-15 18:03:40 UTC (rev 45340)
+++ data/DSA/list	2016-10-15 18:05:34 UTC (rev 45341)
@@ -1,5 +1,5 @@
 [14 Oct 2016] DSA-3693-1 libgd2 - security update
-	{CVE-2016-6911 CVE-2016-7568}
+	{CVE-2016-6911 CVE-2016-7568 CVE-2016-8670}
 	[jessie] - libgd2 2.1.0-5+deb8u7
 [13 Oct 2016] DSA-3692-1 freeimage - security update
 	{CVE-2015-3885 CVE-2016-5684}
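Review bot: The log message ("CVE-2016-8670/libgd2 assigned") does not mention that the DSA-3693-1 line in data/DSA/list now carries CVE-2016-8670, which is what replaces the per-release "[jessie]" line deleted from data/CVE/list. A short addition to the log, such as "add to DSA-3693-1", would make the cross-file dependency visible to anyone reading the history of either file. The "[jessie] - libgd2 2.1.0-5+deb8u7" context line here matches the version removed from the CVE entry, so no fixed-version information is lost.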



