[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-5735 is fixed in pngquant

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bf323032 by Thorsten Alteholz at 2020-06-28T14:23:08+02:00
CVE-2016-5735 is fixed in pngquant

- - - - -
485fb2ba by Thorsten Alteholz at 2020-06-28T14:23:33+02:00
Reserve DLA-2257-1 for pngquant

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -213847,7 +213847,6 @@ CVE-2016-5736 (The default configuration of the IPsec IKE peer listener in F5 BI
 CVE-2016-5735 (Integer overflow in the rwpng_read_image24_libpng function in rwpng.c  ...)
 	{DLA-966-1}
 	- pngquant 2.5.0-2 (bug #863469)
-	[jessie] - pngquant <no-dsa> (Minor issue)
 	NOTE: https://github.com/pornel/pngquant/commit/b7c217680cda02dddced245d237ebe8c383be285
 CVE-2016-5734 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x be ...)
 	- phpmyadmin 4:4.6.3-1


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Jun 2020] DLA-2257-1 pngquant - security update
+	{CVE-2016-5735}
+	[jessie] - pngquant 2.3.0-1+deb8u1
 [28 Jun 2020] DLA-2256-1 libtirpc - security update
 	{CVE-2016-4429}
 	[jessie] - libtirpc 0.2.5-1+deb8u3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/db5fde2befc3bcf261d48a9d052bd253c2dcb1d6...485fb2ba1d2da486faa6163fdfe3202759822683

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/db5fde2befc3bcf261d48a9d052bd253c2dcb1d6...485fb2ba1d2da486faa6163fdfe3202759822683
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200628/ed9b68e1/attachment.html>