[Secure-testing-commits] r55443 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Sep 4 20:03:28 UTC 2017 

Author: carnil
Date: 2017-09-04 20:03:28 +0000 (Mon, 04 Sep 2017)
New Revision: 55443

Modified:
   data/CVE/list
Log:
Record some fixes for liblouis

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-04 19:27:59 UTC (rev 55442)
+++ data/CVE/list	2017-09-04 20:03:28 UTC (rev 55443)
@@ -917,6 +917,7 @@
 	[jessie] - liblouis <no-dsa> (Minor issue)
 	[wheezy] - liblouis <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484338
+	NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/edf8ee00197e5a9b062554bdca00fe1617d257a4
 CVE-2017-13743 (There is a buffer overflow in Liblouis 3.2.0, triggered in the function ...)
 	- liblouis <unfixed> (low)
 	[stretch] - liblouis <no-dsa> (Minor issue)
@@ -929,30 +930,35 @@
 	[jessie] - liblouis <no-dsa> (Minor issue)
 	[wheezy] - liblouis <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484334
+	NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
 CVE-2017-13741 (There is a use-after-free in the function compileBrailleIndicator() in ...)
 	- liblouis <unfixed> (low)
 	[stretch] - liblouis <no-dsa> (Minor issue)
 	[jessie] - liblouis <no-dsa> (Minor issue)
 	[wheezy] - liblouis <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484332
+	NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/af5791ea792acc0a9707738001aa1df3daff7a66
 CVE-2017-13740 (There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in ...)
 	- liblouis <unfixed> (low)
 	[stretch] - liblouis <no-dsa> (Minor issue)
 	[jessie] - liblouis <no-dsa> (Minor issue)
 	[wheezy] - liblouis <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484306
+	NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
 CVE-2017-13739 (There is a heap-based buffer overflow that causes a more than two ...)
 	- liblouis <unfixed> (low)
 	[stretch] - liblouis <no-dsa> (Minor issue)
 	[jessie] - liblouis <no-dsa> (Minor issue)
 	[wheezy] - liblouis <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484299
+	NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
 CVE-2017-13738 (There is an illegal address access in the _lou_getALine function in ...)
 	- liblouis <unfixed> (low)
 	[stretch] - liblouis <no-dsa> (Minor issue)
 	[jessie] - liblouis <no-dsa> (Minor issue)
 	[wheezy] - liblouis <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484297
+	NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/edf8ee00197e5a9b062554bdca00fe1617d257a4
 CVE-2017-13737 (There is an invalid free in the MagickFree function in magick/memory.c ...)
 	- graphicsmagick <unfixed> (low)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484196

More information about the Secure-testing-commits mailing list