[Git][security-tracker-team/security-tracker][master] Demote severity of CVE-2019-6129 to unimportant across source packages

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0194b263 by Salvatore Bonaccorso at 2019-01-21T20:11:41Z
Demote severity of CVE-2019-6129 to unimportant across source packages

Reasoning explained in upstream report at
https://github.com/glennrp/libpng/issues/269 .

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -940,8 +940,7 @@ CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the 
function fz_load_page of t
        NOTE: 
http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed
 CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory 
leak, as ...)
        - libpng1.6 <unfixed> (unimportant)
-       - libpng <removed>
-       [jessie] - libpng <ignored> (no security impact)
+       - libpng <removed> (unimportant)
        NOTE: https://github.com/glennrp/libpng/issues/269
        NOTE: Memory leak in CLI tool, no security impact
 CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a 
memory ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0194b263bfef7f0e18c0e7bd1b11d01b5ec8d2de

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0194b263bfef7f0e18c0e7bd1b11d01b5ec8d2de
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits