[Secure-testing-commits] r57829 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Nov 19 16:14:22 UTC 2017


Author: carnil
Date: 2017-11-19 16:14:22 +0000 (Sun, 19 Nov 2017)
New Revision: 57829

Modified:
   data/CVE/list
Log:
CVE-2017-1000229: Reference proposed patch

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-19 16:11:10 UTC (rev 57828)
+++ data/CVE/list	2017-11-19 16:14:22 UTC (rev 57829)
@@ -174,6 +174,7 @@
 CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 ...)
 	- optipng <unfixed> (bug #882032)
 	NOTE: https://sourceforge.net/p/optipng/bugs/65/
+	NOTE: Proposed patch: https://sourceforge.net/p/optipng/bugs/_discuss/thread/2a56b3aa/f6bb/attachment/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch
 CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote code ...)
 	NOT-FOR-US: nodejs ejs
 CVE-2017-1000226 (Stop User Enumeration 1.3.8 allows user enumeration via the REST API ...)




More information about the Secure-testing-commits mailing list