[Secure-testing-commits] r57829 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 19 16:14:22 UTC 2017
Author: carnil
Date: 2017-11-19 16:14:22 +0000 (Sun, 19 Nov 2017)
New Revision: 57829
Modified:
data/CVE/list
Log:
CVE-2017-1000229: Reference proposed patch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-19 16:11:10 UTC (rev 57828)
+++ data/CVE/list 2017-11-19 16:14:22 UTC (rev 57829)
@@ -174,6 +174,7 @@
CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 ...)
- optipng <unfixed> (bug #882032)
NOTE: https://sourceforge.net/p/optipng/bugs/65/
+ NOTE: Proposed patch: https://sourceforge.net/p/optipng/bugs/_discuss/thread/2a56b3aa/f6bb/attachment/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch
CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote code ...)
NOT-FOR-US: nodejs ejs
CVE-2017-1000226 (Stop User Enumeration 1.3.8 allows user enumeration via the REST API ...)
More information about the Secure-testing-commits
mailing list