[Secure-testing-commits] r58845 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 22 13:53:30 UTC 2017
Author: carnil
Date: 2017-12-22 13:53:30 +0000 (Fri, 22 Dec 2017)
New Revision: 58845
Modified:
data/CVE/list
Log:
Add fixes for CVE-2017-17785/gimp
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-22 12:27:38 UTC (rev 58844)
+++ data/CVE/list 2017-12-22 13:53:30 UTC (rev 58845)
@@ -266,6 +266,8 @@
CVE-2017-17785 (In GIMP 2.8.22, there is a heap-based buffer overflow in the ...)
- gimp <unfixed> (bug #884836)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133
+ NOTE: https://git.gnome.org/browse/gimp/commit/?id=edb251a7ef1602d20a5afcbf23f24afb163de63b (master)
+ NOTE: https://git.gnome.org/browse/gimp/commit/?id=1882bac996a20ab5c15c42b0c5e8f49033a1af54 (gimp-2-8)
NOTE: Can be reproduced (at least in wheezy) with "valgrind --trace-children=yes gimp <reproducerfile>"
CVE-2017-17786 (In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in ...)
- gimp <unfixed> (unimportant; bug #884862)
More information about the Secure-testing-commits
mailing list