[Secure-testing-commits] r49969 - in data: . CVE

Thu, 23 Mar 2017 10:50:27 -0700 

Author: pochu
Date: 2017-03-23 17:49:52 +0000 (Thu, 23 Mar 2017)
New Revision: 49969

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
tag gdk-pixbuf as no-dsa for wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-23 16:56:09 UTC (rev 49968)
+++ data/CVE/list       2017-03-23 17:49:52 UTC (rev 49969)
@@ -2384,16 +2384,19 @@
 CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf 
allows ...)
        - gdk-pixbuf <unfixed> (bug #856448)
        [jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point 
release)
+       [wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next 
update)
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779020
        NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
 CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c 
in ...)
        - gdk-pixbuf <unfixed> (bug #856445)
        [jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point 
release)
+       [wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next 
update)
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779016
        NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
 CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows 
context-dependent ...)
        - gdk-pixbuf <unfixed> (bug #856444)
        [jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point 
release)
+       [wheezy] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed in next 
update)
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779012
        NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
 CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent 
...)

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-03-23 16:56:09 UTC (rev 49968)
+++ data/dla-needed.txt 2017-03-23 17:49:52 UTC (rev 49969)
@@ -33,8 +33,6 @@
   NOTE: no update needed yet, but next update will be for ESR 52 as ESR 45 is 
now
   NOTE: EOL. I have already started to look at ESR 52 to anticipate any 
problems
 --
-gdk-pixbuf (Emilio Pozuelo)
---
 graphicsmagick
   NOTE: seems only a single memory/CPU DOS at this point, maybe wait for more 
issues?
   NOTE: DLA-547-1 also did not fix CVE-2016-5240 so should be included in next 
upload.


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to