[Secure-testing-commits] r50465 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 8 12:07:25 UTC 2017
Author: carnil
Date: 2017-04-08 12:07:24 +0000 (Sat, 08 Apr 2017)
New Revision: 50465
Modified:
data/CVE/list
Log:
Add upstream commit for CVE-2016-9318
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-08 10:56:39 UTC (rev 50464)
+++ data/CVE/list 2017-04-08 12:07:24 UTC (rev 50465)
@@ -20585,10 +20585,9 @@
[jessie] - libxml2 <no-dsa> (Minor issue)
[wheezy] - libxml2 <no-dsa> (Minor issue)
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=772726
- NOTE: Tentative patch available but not blessed by upstream yet (2016-12-13) (cf. comment #15)
- NOTE: For wheezy it is probably not worth the effort to fix this problem.
- NOTE: The reason is that the correction is to introduce a new option that can be specified if this new behaviour
- NOTE: is wanted. It is not enforced by default.
+ NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=2304078555896cf1638c628f50326aeef6f0e0d0
+ NOTE: The patch introduces a new option that can be specified if this
+ NOTE: behaviour is wanted. Not enforced by default.
CVE-2016-9317 (The gdImageCreate function in the GD Graphics Library (aka libgd) ...)
{DSA-3777-1 DLA-804-1}
- libgd2 2.2.4-1
More information about the Secure-testing-commits
mailing list