[Secure-testing-team] Bug#874109: pngcrush:CVE-2015-7700
Salvatore Bonaccorso
carnil at debian.org
Sun Sep 3 09:45:58 UTC 2017
Source: pngcrush
Version: 1.7.65-0.1
Severity: important
Tags: security upstream patch
Hi,
the following vulnerability was published for pngcrush.
CVE-2015-7700[0]:
| Double-free vulnerability in the sPLT chunk structure and png.c in
| pngcrush before 1.7.87 allows attackers to have unspecified impact via
| unknown vectors.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-7700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7700
[1] http://sourceforge.net/p/pmt/code/ci/e8ae5a842e86324f0bee91f4d98245fddb8ea5dd
Regards,
Salvatore
More information about the Secure-testing-team
mailing list