Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0194b263 by Salvatore Bonaccorso at 2019-01-21T20:11:41Z Demote severity of CVE-2019-6129 to unimportant across source packages Reasoning explained in upstream report at https://github.com/glennrp/libpng/issues/269 . - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -940,8 +940,7 @@ CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of t NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...) - libpng1.6 <unfixed> (unimportant) - - libpng <removed> - [jessie] - libpng <ignored> (no security impact) + - libpng <removed> (unimportant) NOTE: https://github.com/glennrp/libpng/issues/269 NOTE: Memory leak in CLI tool, no security impact CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0194b263bfef7f0e18c0e7bd1b11d01b5ec8d2de -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0194b263bfef7f0e18c0e7bd1b11d01b5ec8d2de You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits