[Secure-testing-commits] r45637 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Wed Oct 26 19:24:47 UTC 2016
Author: anarcat
Date: 2016-10-26 19:24:47 +0000 (Wed, 26 Oct 2016)
New Revision: 45637
Modified:
data/CVE/list
Log:
Summary: add patch pointers and summaries for CVE-2016-7997 and 7996
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-26 18:51:27 UTC (rev 45636)
+++ data/CVE/list 2016-10-26 19:24:47 UTC (rev 45637)
@@ -3175,16 +3175,18 @@
NOTE: https://core.spip.net/projects/spip/repository/revisions/23186
NOTE: https://core.spip.net/projects/spip/repository/revisions/23189
NOTE: https://core.spip.net/projects/spip/repository/revisions/23192
-CVE-2016-7997
+CVE-2016-7997 [denial of service via a crash due to an assertion]
RESERVED
- graphicsmagick 1.3.25-4
-CVE-2016-7996
+ NOTE: patch for this and CVE-2016-7996 at: http://openwall.com/lists/oss-security/2016/10/07/4
+CVE-2016-7996 [missing check that the provided colormap is not larger than 256 entries resulting in potential heap overflow]
RESERVED
- graphicsmagick 1.3.21-2
NOTE: The patch addressing CVE-2016-7996 applied is in 1.3.25-4, but in
NOTE: the experimental upload 1.3.20-4 and later uploaded to unstable as
NOTE: 1.3.21-2 the build is done with --with-quantum-depth=16 switching
NOTE: away from the default with QuantumDepth=8
+ NOTE: patch for this and CVE-2016-7997 at: http://openwall.com/lists/oss-security/2016/10/07/4
CVE-2016-7995 [usb: hcd-ehci: memory leak in ehci_process_itd]
RESERVED
- qemu <unfixed> (bug #840236)
More information about the Secure-testing-commits
mailing list