[Git][security-tracker-team/security-tracker][master] Demote severity of CVE-2019-6129 to unimportant across source packages
Salvatore Bonaccorso
carnil at debian.org
Mon Jan 21 20:12:27 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0194b263 by Salvatore Bonaccorso at 2019-01-21T20:11:41Z
Demote severity of CVE-2019-6129 to unimportant across source packages
Reasoning explained in upstream report at
https://github.com/glennrp/libpng/issues/269 .
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -940,8 +940,7 @@ CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of t
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed
CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...)
- libpng1.6 <unfixed> (unimportant)
- - libpng <removed>
- [jessie] - libpng <ignored> (no security impact)
+ - libpng <removed> (unimportant)
NOTE: https://github.com/glennrp/libpng/issues/269
NOTE: Memory leak in CLI tool, no security impact
CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0194b263bfef7f0e18c0e7bd1b11d01b5ec8d2de
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0194b263bfef7f0e18c0e7bd1b11d01b5ec8d2de
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190121/9dba6b1a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list