[Git][security-tracker-team/security-tracker][master] Mark CVE-2017-2870 and CVE-2017-6311 in gdk-pixbuf as ignored, not not-affected in stretch

Mon, 27 Dec 2021 00:33:20 -0800 


Adrian Bunk pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
063b72dd by Adrian Bunk at 2021-12-27T10:33:00+02:00
Mark CVE-2017-2870 and CVE-2017-6311 in gdk-pixbuf as ignored, not not-affected 
in stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -295286,7 +295286,7 @@ CVE-2017-6312 (Integer overflow in io-ico.c in 
gdk-pixbuf allows context-depende
        NOTE: Tests: 
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=a6303ad765882555cf1b278a09be5f9e4cf3a39d
 CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent 
attack ...)
        - gdk-pixbuf 2.36.10-1 (bug #858491; unimportant)
-       [stretch] - gdk-pixbuf <not-affected> (thumbnailer not installed before 
2.36.5-3)
+       [stretch] - gdk-pixbuf <ignored> (thumbnailer not installed before 
2.36.5-3)
        [jessie] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
        [wheezy] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=778204
@@ -305945,7 +305945,7 @@ CVE-2017-2871 (Insufficient security checks exist in 
the recovery procedure used
 CVE-2017-2870 (An exploitable integer overflow vulnerability exists in the 
tiff_image ...)
        {DLA-2043-1}
        - gdk-pixbuf 2.36.10-1 (unimportant; bug #873787)
-       [stretch] - gdk-pixbuf <not-affected> (Built with GCC in Debian)
+       [stretch] - gdk-pixbuf <ignored> (Built with GCC in Debian)
        NOTE: 
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=31a6cff3dfc6944aad4612a9668b8ad39122e48b
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=770986
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780269



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/063b72dde3716555d521145ff3166174e00e019b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/063b72dde3716555d521145ff3166174e00e019b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to