[Secure-testing-commits] r53715 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jul 20 18:43:33 UTC 2017


Author: carnil
Date: 2017-07-20 18:43:33 +0000 (Thu, 20 Jul 2017)
New Revision: 53715

Modified:
   data/CVE/list
Log:
Update status for CVE-2017-11464/librsvg

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-20 18:31:16 UTC (rev 53714)
+++ data/CVE/list	2017-07-20 18:43:33 UTC (rev 53715)
@@ -23,8 +23,11 @@
 	- ruby2.1 <not-affected> (Specific to Ruby 2.4)
 CVE-2017-11464 (A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in ...)
 	- librsvg <unfixed>
+	[jessie] - librsvg <not-affected> (Vulnerable code introduced in 2.40.9)
+	[wheezy] - librsvg <not-affected> (Vulnerable code introduced in 2.40.9)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783835
-	NOTE: https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
+	NOTE: Introduced in: https://git.gnome.org/browse/librsvg/commit/?id=054807726db76558728e7a7513aabc4698b3dc95 (2.40.9)
+	NOTE: Fixed by: https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
 CVE-2017-11473 (Buffer overflow in the mp_override_legacy_irq() function in ...)
 	- linux <unfixed>
 CVE-2017-11472 (The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in ...)




More information about the Secure-testing-commits mailing list