[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-6245

Salvatore Bonaccorso carnil at debian.org
Fri Feb 1 23:00:28 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11b17fbf by Salvatore Bonaccorso at 2019-02-01T22:57:17Z
Add fixed version for CVE-2019-6245

Note for reviewers: Actually possibly the issue was already fixed in
2.5+dfsg1-3 with the inclusion of the 05-fix-recursion-crash.patch
patch. So pinpointing the fixed version needs re-evaluation here.

After 'respin' of a non-dead branch of 2.4's agg version the issue was
fixed in revision 119 and included in 1:2.4-r127+dfsg1-1 but the
05-fix-recursion-crash.patch patch was carried up in each subsequent
versions before that switch.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2506,7 +2506,7 @@ CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling
 	NOTE: https://github.com/svgpp/svgpp/issues/70
 CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
 	{DLA-1656-1}
-	- agg <unfixed> (bug #919322)
+	- agg 1:2.4-r127+dfsg1-1 (bug #919322)
 	- svgpp <unfixed> (bug #919321)
 	NOTE: https://github.com/svgpp/svgpp/issues/70
 	NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190201/63529adb/attachment.html>


More information about the debian-security-tracker-commits mailing list