jmm-guest at alioth.debian.org
2007-Oct-15 17:14 UTC
[Secure-testing-commits] r6970 - in data: CVE DSA
Author: jmm-guest
Date: 2007-10-15 17:14:58 +0000 (Mon, 15 Oct 2007)
New Revision: 6970
Modified:
data/CVE/list
data/DSA/list
Log:
wesnoth DSA
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-10-15 12:10:34 UTC (rev 6969)
+++ data/CVE/list 2007-10-15 17:14:58 UTC (rev 6970)
@@ -263,7 +263,7 @@
CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before
1.2.21 ...)
- libpng 1.2.15~beta5-3 (low; bug #446308)
CVE-2007-5268 (pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use
(1) ...)
- - libpng <not-affected> (vulnerable code not present in Debian version)
+ - libpng <not-affected> (Vulnerable code not present in Debian version,
introduced in 1.2.19)
CVE-2007-5267 (Off-by-one error in ICC profile chunk handling in the
png_set_iCCP ...)
- libpng <not-affected> (vulnerable code not present)
NOTE: the version in Debian does not use strncpy to copy the buffer so this
off-by-one
Modified: data/DSA/list
==================================================================---
data/DSA/list 2007-10-15 12:10:34 UTC (rev 6969)
+++ data/DSA/list 2007-10-15 17:14:58 UTC (rev 6970)
@@ -1,3 +1,7 @@
+[15 Oct 2007] DSA-1386-1 wesnoth
+ {CVE-2007-3917}
+ [etch] - wesnoth 1.2-2
+ [sarge] - wesnoth 0.9.0-6
[08 Oct 2007] DSA-1385-1 xfs
{CVE-2007-4568 CVE-2007-4990}
[etch] - xfs 1.0.1-7