thr3ads.net - Secure testing commits - [Secure-testing-commits] r9781

If this information is useful, please help other people find it:
Share via:

white at alioth.debian.org

2008-Sep-09 12:27 UTC

[Secure-testing-commits] r9781 - data/CVE

Author: white
Date: 2008-09-09 12:27:48 +0000 (Tue, 09 Sep 2008)
New Revision: 9781

Modified:
   data/CVE/list
Log:
one off-by-one error in libpng affects the debian versions

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-09-09 11:58:08 UTC (rev 9780)
+++ data/CVE/list	2008-09-09 12:27:48 UTC (rev 9781)
@@ -1,3 +1,12 @@
+begin claimed by white
+CVE-2008-XXXX [libpng off-by-one error]
+	- libpng <unfixed>
+	NOTE: CVE id requested
+	NOTE: off-by-one error in pngpread.c is not present, must have
+	NOTE: been introduced later, but I think pngtest.c is affected
+	TODO: check that 1.2.32 is not uploaded, as it also includes
+	TODO: the off-by-one error in pngpread.c
+end claimed by white
 CVE-2008-XXXX [multiple heap based overflows in xine-lib]
 	- xine-lib <unfixed> (medium; bug #498243)
 	NOTE: CVE ids requested

Secure testing commits - Sep 2008 - r9781 - data/CVE

[Secure-testing-commits] r9781 - data/CVE