gilbert-guest at alioth.debian.org
2009-Mar-01 04:09 UTC
[Secure-testing-commits] r11285 - data/CVE
Author: gilbert-guest
Date: 2009-03-01 04:09:52 +0000 (Sun, 01 Mar 2009)
New Revision: 11285
Modified:
data/CVE/list
Log:
adding info on etch fixed version and marking libpng3 as <not-affected>
since that better describes the situation (code is present in libgd2 and not
libpng3)
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-03-01 04:01:14 UTC (rev 11284)
+++ data/CVE/list 2009-03-01 04:09:52 UTC (rev 11285)
@@ -27856,8 +27856,9 @@
CVE-2007-2445 (The png_handle_tRNS function in pngrutil.c in libpng before
1.0.25 and ...)
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
+ [etch] - libgd2 2.0.33-5.2etch1 (low)
- libpng 1.2.15~beta5-2 (unimportant)
- - libpng3 <unfixed> (unimportant)
+ - libpng3 <not-affected> (unimportant)
NOTE: Only a crash, no code injection. Calling this DoS stretches things
rather far
CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in
Samba ...)
{DSA-1291-2 DTSA-41-1}