diff options
| author | Adrian Bunk <bunk@debian.org> | 2021-12-27 10:32:02 +0200 |
|---|---|---|
| committer | Adrian Bunk <bunk@debian.org> | 2021-12-27 10:33:00 +0200 |
| commit | 724f26afe3383e75e718690272539cce65acdbbf (patch) | |
| tree | 762df427e4165bb71da2cf3856caff59173ed3fa /data/CVE/2017.list | |
| parent | e4e8504d318b7404bf3ff31410c0489dccba45b1 (diff) | |
Mark CVE-2017-2870 and CVE-2017-6311 in gdk-pixbuf as ignored, not not-affected in stretch
Diffstat (limited to 'data/CVE/2017.list')
| -rw-r--r-- | data/CVE/2017.list | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index d2aa379a48..ee9bab3e9b 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -36578,7 +36578,7 @@ CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-depende NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=a6303ad765882555cf1b278a09be5f9e4cf3a39d CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attack ...) - gdk-pixbuf 2.36.10-1 (bug #858491; unimportant) - [stretch] - gdk-pixbuf <not-affected> (thumbnailer not installed before 2.36.5-3) + [stretch] - gdk-pixbuf <ignored> (thumbnailer not installed before 2.36.5-3) [jessie] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1) [wheezy] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=778204 @@ -45573,7 +45573,7 @@ CVE-2017-2871 (Insufficient security checks exist in the recovery procedure used CVE-2017-2870 (An exploitable integer overflow vulnerability exists in the tiff_image ...) {DLA-2043-1} - gdk-pixbuf 2.36.10-1 (unimportant; bug #873787) - [stretch] - gdk-pixbuf <not-affected> (Built with GCC in Debian) + [stretch] - gdk-pixbuf <ignored> (Built with GCC in Debian) NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=31a6cff3dfc6944aad4612a9668b8ad39122e48b NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=770986 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780269 |