Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (2)
mark CVE-2019-17371 as no-dsa for Jessie
· 4df2db6f
Thorsten Alteholz
authored
Oct 18, 2019
4df2db6f
no upload needed for libpng
· df884cd4
Thorsten Alteholz
authored
Oct 18, 2019
df884cd4
Show whitespace changes
Inline
Side-by-side
data/CVE/list
View file @
df884cd4
...
...
@@ -2939,6 +2939,7 @@ CVE-2019-17371 (libpng 1.6.37 has memory leaks in png_malloc_warn and png_create
[buster] - libpng1.6 <no-dsa> (Minor issue)
[stretch] - libpng1.6 <no-dsa> (Minor issue)
- libpng <removed>
[jessie] - libpng <no-dsa> (Minor issue)
NOTE: https://github.com/glennrp/libpng/issues/307
CVE-2019-17370 (OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheck ...)
NOT-FOR-US: OTCMS
data/dla-needed.txt
View file @
df884cd4
...
...
@@ -82,8 +82,6 @@ libmatio (Adrian Bunk)
--
libpcap (Abhijith PA)
--
libpng (Thorsten Alteholz)
--
libqb
NOTE: 20190616: Upstream patch does not apply at all, but it appears that
NOTE: 20190616: package is still vulnerable in ipc_posix_mq.c etc. or
...
...
