[Secure-testing-commits] r53716 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 20 18:48:28 UTC 2017
Author: carnil
Date: 2017-07-20 18:48:28 +0000 (Thu, 20 Jul 2017)
New Revision: 53716
Modified:
data/CVE/list
Log:
Mark librsvg as no DSA for stretch, add bug reference, #869129
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-20 18:43:33 UTC (rev 53715)
+++ data/CVE/list 2017-07-20 18:48:28 UTC (rev 53716)
@@ -22,7 +22,8 @@
- ruby2.3 <not-affected> (Specific to Ruby 2.4)
- ruby2.1 <not-affected> (Specific to Ruby 2.4)
CVE-2017-11464 (A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in ...)
- - librsvg <unfixed>
+ - librsvg <unfixed> (bug #869129)
+ [stretch] - librsvg <no-dsa> (Minor issue)
[jessie] - librsvg <not-affected> (Vulnerable code introduced in 2.40.9)
[wheezy] - librsvg <not-affected> (Vulnerable code introduced in 2.40.9)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783835
More information about the Secure-testing-commits
mailing list