[Secure-testing-commits] r50651 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Apr 14 09:57:29 UTC 2017
Author: carnil
Date: 2017-04-14 09:57:29 +0000 (Fri, 14 Apr 2017)
New Revision: 50651
Modified:
data/CVE/list
Log:
Add CVE-2017-7858/freetype
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-14 09:55:51 UTC (rev 50650)
+++ data/CVE/list 2017-04-14 09:57:29 UTC (rev 50651)
@@ -28,7 +28,10 @@
CVE-2017-7859 (FFmpeg before 2017-03-05 has an out-of-bounds write caused by a ...)
TODO: check
CVE-2017-7858 (FreeType 2 before 2017-03-07 has an out-of-bounds write related to the ...)
- TODO: check
+ - freetype <not-affected> (Vulnerable code introduced in 2.6.4)
+ NOTE: Introduced after: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d
+ NOTE: Fixed by: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e
+ NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738
CVE-2017-7857 (FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a ...)
- freetype <not-affected> (Vulnerable code introduced in 2.6.4)
NOTE: Introduced after: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d
More information about the Secure-testing-commits
mailing list