[Git][security-tracker-team/security-tracker][master] Mark CVE-2017-2870 and CVE-2017-6311 in gdk-pixbuf as ignored, not not-affected in stretch

Adrian Bunk (@bunk) bunk at debian.org
Mon Dec 27 08:33:11 GMT 2021 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
063b72dd by Adrian Bunk at 2021-12-27T10:33:00+02:00
Mark CVE-2017-2870 and CVE-2017-6311 in gdk-pixbuf as ignored, not not-affected in stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -295286,7 +295286,7 @@ CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-depende
 	NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=a6303ad765882555cf1b278a09be5f9e4cf3a39d
 CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attack ...)
 	- gdk-pixbuf 2.36.10-1 (bug #858491; unimportant)
-	[stretch] - gdk-pixbuf <not-affected> (thumbnailer not installed before 2.36.5-3)
+	[stretch] - gdk-pixbuf <ignored> (thumbnailer not installed before 2.36.5-3)
 	[jessie] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
 	[wheezy] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=778204
@@ -305945,7 +305945,7 @@ CVE-2017-2871 (Insufficient security checks exist in the recovery procedure used
 CVE-2017-2870 (An exploitable integer overflow vulnerability exists in the tiff_image ...)
 	{DLA-2043-1}
 	- gdk-pixbuf 2.36.10-1 (unimportant; bug #873787)
-	[stretch] - gdk-pixbuf <not-affected> (Built with GCC in Debian)
+	[stretch] - gdk-pixbuf <ignored> (Built with GCC in Debian)
 	NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=31a6cff3dfc6944aad4612a9668b8ad39122e48b
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=770986
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780269



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/063b72dde3716555d521145ff3166174e00e019b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/063b72dde3716555d521145ff3166174e00e019b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211227/2d918bfd/attachment.htm>

More information about the debian-security-tracker-commits mailing list