22404 – pngcrush new security issue CVE-2015-7700

Bug 22404 - pngcrush new security issue CVE-2015-7700

Summary: pngcrush new security issue CVE-2015-7700

Status:	RESOLVED OLD

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	5
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Rémi Verschelde
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2018-01-16 13:57 CET by David Walser
Modified:	2018-10-02 10:29 CEST (History)
CC List:	1 user (show)

See Also:
Source RPM:	pngcrush-1.7.84-1.mga5.src.rpm
CVE:
Status comment:	Fixed upstream in 1.7.87

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2018-01-16 13:57:01 CET

openSUSE has issued an advisory on January 15:
https://lists.opensuse.org/opensuse-updates/2018-01/msg00042.html

The issue was fixed upstream in 1.7.87.

Comment 1 Marja Van Waes 2018-01-16 15:25:25 CET

Assigning to the registered pngcrush maintainer.

Component: RPM Packages => Security
QA Contact: (none) => security
Assignee: bugsquad => rverschelde
CC: (none) => marja11

David Walser 2018-02-02 18:11:02 CET

Status comment: (none) => Fixed upstream in 1.7.87

Comment 2 Marja Van Waes 2018-10-02 10:29:24 CEST

Did didn't get fixed for Mga5, but 6 is OK

Resolution: (none) => OLD
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.