Author: carnil Date: 2017-11-19 16:14:22 +0000 (Sun, 19 Nov 2017) New Revision: 57829
Modified: data/CVE/list Log: CVE-2017-1000229: Reference proposed patch Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-19 16:11:10 UTC (rev 57828) +++ data/CVE/list 2017-11-19 16:14:22 UTC (rev 57829) @@ -174,6 +174,7 @@ CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 ...) - optipng <unfixed> (bug #882032) NOTE: https://sourceforge.net/p/optipng/bugs/65/ + NOTE: Proposed patch: https://sourceforge.net/p/optipng/bugs/_discuss/thread/2a56b3aa/f6bb/attachment/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote code ...) NOT-FOR-US: nodejs ejs CVE-2017-1000226 (Stop User Enumeration 1.3.8 allows user enumeration via the REST API ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits