[Secure-testing-commits] r49451 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-03-06 18:58:53 +0000 (Mon, 06 Mar 2017)
New Revision: 49451

Modified:
   data/CVE/list
Log:
Add new freetype issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-06 18:52:04 UTC (rev 49450)
+++ data/CVE/list	2017-03-06 18:58:53 UTC (rev 49451)
@@ -72,6 +72,11 @@
 	TODO: check
 CVE-2017-6478 (paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected ...)
 	TODO: check
+CVE-2016-10244 [denial of service]
+	- freetype <unfixed>
+	NOTE: Fixed in 2.7:  http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36
+	NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a660e3de422731b94d4a134d27555430cbb6fb39 (VER-2-7)
 CVE-2016-10243 [arbitrary code execution]
 	RESERVED
 	- texlive-bin <unfixed> (unimportant)