[Secure-testing-commits] r58717 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Wed Dec 20 09:17:12 UTC 2017
Author: hertzog
Date: 2017-12-20 09:17:12 +0000 (Wed, 20 Dec 2017)
New Revision: 58717
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Add gimp to dla-needed.txt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-20 09:10:13 UTC (rev 58716)
+++ data/CVE/list 2017-12-20 09:17:12 UTC (rev 58717)
@@ -165,6 +165,7 @@
RESERVED
- gimp <unfixed>
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133
+ NOTE: Can be reproduced (at least in wheezy) with "valgrind --trace-children=yes gimp <reproducerfile>"
CVE-2017-17786 [gimp: OOB read in TGA]
RESERVED
- gimp <unfixed> (unimportant)
@@ -184,6 +185,8 @@
RESERVED
- gimp <unfixed>
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790849
+ NOTE: Cannot be reproduced in wheezy with "valgrind --trace-children=yes gimp <reproducerfile>"
+ NOTE: Some OOB read/write can be reproduced in sid with "valgrind --trace-children=yes gimp <reproducerfile>"
CVE-2017-17787 [gimp: OOB read in PSP]
RESERVED
- gimp <unfixed> (unimportant)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-12-20 09:10:13 UTC (rev 58716)
+++ data/dla-needed.txt 2017-12-20 09:17:12 UTC (rev 58717)
@@ -21,6 +21,8 @@
couchdb
NOTE: Only in wheezy, we are on our own.
--
+gimp
+--
global
--
graphicsmagick
More information about the Secure-testing-commits
mailing list