[Secure-testing-commits] r32920 - data/CVE

Salvatore Bonaccorso Mon, 16 Mar 2015 11:50:14 -0700

Author: carnil
Date: 2015-03-16 18:49:24 +0000 (Mon, 16 Mar 2015)
New Revision: 32920


Modified:
   data/CVE/list
Log:
Add "new" issue in libgd2 and php5

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-03-16 15:58:46 UTC (rev 32919)
+++ data/CVE/list       2015-03-16 18:49:24 UTC (rev 32920)
@@ -39,6 +39,13 @@
 CVE-2015-XXXX [Incomplete fix for CVE-2014-9740]
        - icu <unfixed> (bug #780503)
        [wheezy] - icu <not-affected> (Incomplete patch was never applied)
+CVE-2014-XXXX [gd: buffer read overflow in gd_gif_in.c]
+       - libgd2 2.1.0-5
+       - php5 5.6.5+dfsg-1
+       NOTE: https://bugs.php.net/bug.php?id=68601
+       NOTE: Fix in libgd2: 
https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43
+       NOTE: 
http://git.php.net/?p=php-src.git;a=commitdiff;h=07b5896a1389c3e865cbd2fb353806b2cefe4f5c
+       NOTE: 
http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
 CVE-2009-XXXX [memmory leak in hostname TLS extension]
        - openssl 0.9.8g-1
        NOTE: 
https://github.com/openssl/openssl/commit/7587347bc48e7e8a1e800e48bb0a658f1557c424


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r32920 - data/CVE

Reply via email to