[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Prefix commit identifier
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 13 15:05:37 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8ed21933 by Salvatore Bonaccorso at 2018-01-13T16:04:58+01:00
Prefix commit identifier
- - - - -
c7189544 by Salvatore Bonaccorso at 2018-01-13T16:05:17+01:00
Add infomrmation about fix for CVE-2017-6313/gdk-pixbuf
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47207,7 +47207,7 @@ CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf a
[wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next update)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779020
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=1e513abdb55529f888233d3c96b27352d83aad5f
+ NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=1e513abdb55529f888233d3c96b27352d83aad5f
CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in ...)
- gdk-pixbuf <unfixed> (bug #856445)
[stretch] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point release)
@@ -47215,6 +47215,8 @@ CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in
[wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next update)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779016
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
+ NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=210b16399a492d05efb209615a143920b24251f4
+ NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=4cc39d479356b6b09e3d62a0f3ab424db6c266d8
CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent ...)
- gdk-pixbuf <unfixed> (bug #856444)
[stretch] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point release)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/525411c1bca5dcc37f6c40c5d296ebf00748b63c...c718954441d722af5269d2a15670093dd3451d25
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/525411c1bca5dcc37f6c40c5d296ebf00748b63c...c718954441d722af5269d2a15670093dd3451d25
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180113/98789227/attachment.html>
More information about the Secure-testing-commits
mailing list