[Secure-testing-commits] r49844 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 20 12:58:06 UTC 2017
Author: jmm
Date: 2017-03-20 12:58:06 +0000 (Mon, 20 Mar 2017)
New Revision: 49844
Modified:
data/CVE/list
Log:
virglrenderer bugs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-20 12:56:38 UTC (rev 49843)
+++ data/CVE/list 2017-03-20 12:58:06 UTC (rev 49844)
@@ -1986,7 +1986,7 @@
NOTE: https://github.com/radare/radare2/commit/ead645853a63bf83d8386702cad0cf23b31d7eeb
NOTE: https://github.com/radare/radare2/issues/6857
CVE-2017-6386 (Memory leak in the vrend_create_vertex_elements_state function in ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=737c3350850ca4dbc5633b3bdb4118176ce59920
CVE-2017-6385
RESERVED
@@ -2083,7 +2083,7 @@
CVE-2013-7460 (A write protection and execution bypass vulnerability in McAfee (now ...)
NOT-FOR-US: Intel antivirus
CVE-2017-6355 (Integer overflow in the vrend_create_shader function in ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6 (0.6.0)
CVE-2017-6354
RESERVED
@@ -2191,7 +2191,7 @@
- graphicsmagick 1.3.25-8
NOTE: Fixed by: https://sourceforge.net/p/graphicsmagick/code/ci/6156b4c2992d855ece6079653b3b93c3229fc4b8/
CVE-2017-6317 (Memory leak in the add_shader_program function in vrend_renderer.c in ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 (0.6.0)
CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf allows ...)
- gdk-pixbuf <unfixed> (bug #856448)
@@ -2456,10 +2456,10 @@
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/ccf7abb93af09ad0868ae9033d1ca8108bdaec82 (v4.10-rc8)
CVE-2017-6210 (The vrend_decode_reset function in vrend_decode.c in virglrenderer ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab (0.6.0)
CVE-2017-6209 (Stack-based buffer overflow in the parse_identifier function in ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=e534b51ca3c3cd25f3990589932a9ed711c59b27 (0.6.0)
CVE-2017-6208
RESERVED
@@ -2955,11 +2955,11 @@
[wheezy] - xen <no-dsa> (Minor issue)
NOTE: https://xenbits.xen.org/xsa/advisory-207.html
CVE-2017-5994 (Heap-based buffer overflow in the vrend_create_vertex_elements_state ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=114688c526fe45f341d75ccd1d85473c3b08f7a7 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422452
CVE-2017-5993 (Memory leak in the vrend_renderer_init_blit_ctx function in ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=6eb13f7a2dcf391ec9e19b4c2a79e68305f63c22 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422438
CVE-2017-5991 (An issue was discovered in Artifex Software, Inc. MuPDF before ...)
@@ -3096,12 +3096,12 @@
CVE-2017-5958
RESERVED
CVE-2017-5957 (Stack-based buffer overflow in the vrend_decode_set_framebuffer_state ...)
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=926b9b3460a48f6454d8bbe9e44313d86a65447f (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421126
CVE-2017-5956
RESERVED
- - virglrenderer <unfixed>
+ - virglrenderer <unfixed> (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a5ac49940c40ae415eac0cf912eac7070b4ba95d (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421073
NOTE: The original fix opens a memory leak: http://www.openwall.com/lists/oss-security/2017/02/24/2
More information about the Secure-testing-commits
mailing list