Author: joeyh
Date: 2010-04-11 21:14:22 +0000 (Sun, 11 Apr 2010)
New Revision: 14455
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-04-11 20:22:48 UTC (rev 14454)
+++ data/CVE/list 2010-04-11 21:14:22 UTC (rev 14455)
@@ -3298,6 +3298,7 @@
CVE-2010-0206
RESERVED
CVE-2010-0205 (The png_decompress_chunk function in pngrutil.c in libpng 1.0.x
before ...)
+ {DSA-2032-1}
- libpng 1.2.43-1 (low; bug #572308)
TODO: check freeimage, tuxonice-userui
NOTE: http://www.kb.cert.org/vuls/id/576029
@@ -11658,6 +11659,7 @@
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced
images ...)
+ {DSA-2032-1}
- libpng 1.2.37-1 (low; bug #533676)
[etch] - libpng <no-dsa> (Minor issue, only exploitable in rare setups)
- xulrunner <not-affected> (xulrunner dynamically linked against libpng;
embeded code copy not used)