[Git][security-tracker-team/security-tracker][master] 2 commits: issues fixed now

Thu Dec 19 18:35:14 GMT 2019


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a12d6da7 by Thorsten Alteholz at 2019-12-19T18:34:57Z
issues fixed now

- - - - -
c15d7722 by Thorsten Alteholz at 2019-12-19T18:34:57Z
Reserve DLA-2043-1 for gdk-pixbuf

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -152453,7 +152453,6 @@ CVE-2017-6317 (Memory leak in the add_shader_program function in vrend_renderer.
 CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf allows ...)
 	- gdk-pixbuf 2.36.11-2 (low; bug #856448)
 	[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
-	[jessie] - gdk-pixbuf <ignored> (Minor issue)
 	[wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next update)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779020
 	NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
@@ -152461,7 +152460,6 @@ CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf a
 CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in gdk-p ...)
 	- gdk-pixbuf 2.36.11-2 (low; bug #856445)
 	[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
-	[jessie] - gdk-pixbuf <ignored> (Minor issue)
 	[wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next update)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779016
 	NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
@@ -152470,7 +152468,6 @@ CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in
 CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent at ...)
 	- gdk-pixbuf 2.36.11-2 (low; bug #856444)
 	[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
-	[jessie] - gdk-pixbuf <ignored> (Minor issue)
 	[wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next update)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779012
 	NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[19 Dec 2019] DLA-2043-1 gdk-pixbuf - security update
+	{CVE-2016-6352 CVE-2017-2870 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314}
+	[jessie] - gdk-pixbuf 2.31.1-2+deb8u8
 [18 Dec 2019] DLA-2042-1 python-django - security update
 	{CVE-2019-19844}
 	[jessie] - python-django 1.7.11-1+deb8u8



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e32ec7ffb4bfde893810967b08f90488f16d4be4...c15d77228f6deff5ce328dcae4a3dd8d19546067

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e32ec7ffb4bfde893810967b08f90488f16d4be4...c15d77228f6deff5ce328dcae4a3dd8d19546067
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191219/3e612950/attachment-0001.html>
