[Secure-testing-commits] r47612 - data/CVE

Salvatore Bonaccorso Fri, 30 Dec 2016 23:18:59 -0800

Author: carnil
Date: 2016-12-31 07:17:54 +0000 (Sat, 31 Dec 2016)
New Revision: 47612


Modified:
   data/CVE/list
Log:
Update status for CVE-2016-10087/libpng

Add bugreference #849799 as reported to BTS.

Add upstream commits for libpng16 and libpng12 braches.

Mark issue as no-dsa for jessie.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-12-31 06:56:12 UTC (rev 47611)
+++ data/CVE/list       2016-12-31 07:17:54 UTC (rev 47612)
@@ -2241,10 +2241,13 @@
 CVE-2017-3895
        RESERVED
 CVE-2016-10087 [NULL pointer dereference]
-       - libpng1.6 <unfixed>
+       - libpng1.6 <unfixed> (bug #849799)
        - libpng <removed>
+       [jessie] - libpng <no-dsa> (Minor issue)
        NOTE: Fixed in 1.0.67, 1.2.57, 1.4.20, 1.5.28, 1.6.27
        NOTE: 
https://sourceforge.net/p/libpng/code/ci/243d4e5f3fe71740d52a53cf3dd77cc83a3430ba
+       NOTE: 
https://sourceforge.net/p/libpng/code/ci/812768d7a9c973452222d454634496b25ed415eb
 (libpng16)
+       NOTE: 
https://sourceforge.net/p/libpng/code/ci/794a15fad6add4d636369d0b46f603a02995b2e2/
 (libpng12)
 CVE-2016-10075 [insecure use of git]
        RESERVED
        - tqdm <unfixed> (bug #849632)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r47612 - data/CVE

Reply via email to