[Secure-testing-commits] r56838 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 18 20:47:52 UTC 2017
Author: carnil
Date: 2017-10-18 20:47:52 +0000 (Wed, 18 Oct 2017)
New Revision: 56838
Modified:
data/CVE/list
Log:
Add needed commit for sdl issue
Needed since compiler can optimize away the check, which was confirmed
to be the case as well at least for Debian unstable.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-18 20:42:32 UTC (rev 56837)
+++ data/CVE/list 2017-10-18 20:47:52 UTC (rev 56838)
@@ -37931,6 +37931,7 @@
- libsdl1.2 <not-affected> (Issue not present, SDL_CreateRGBSurface contains further check for too large width or height)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0395
NOTE: https://hg.libsdl.org/SDL/rev/7e0f1498ddb5
+ NOTE: https://hg.libsdl.org/SDL/rev/81a4950907a0
CVE-2017-2887 (An exploitable buffer overflow vulnerability exists in the XCF ...)
{DLA-1134-1}
- libsdl2-image <unfixed> (bug #878266)
More information about the Secure-testing-commits
mailing list