[Secure-testing-commits] r22726 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Jun 24 07:14:22 UTC 2013


Author: jmm
Date: 2013-06-24 07:14:21 +0000 (Mon, 24 Jun 2013)
New Revision: 22726

Modified:
   data/CVE/list
Log:
tiff3 update
tpp no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-06-24 06:42:59 UTC (rev 22725)
+++ data/CVE/list	2013-06-24 07:14:21 UTC (rev 22726)
@@ -5411,7 +5411,9 @@
 	RESERVED
 CVE-2013-2208 [arbitrary code execution when processing untrusted TPP template]
 	RESERVED
-	- tpp 1.3.1-3 (bug #706644)
+	- tpp 1.3.1-3 (low; bug #706644)
+	[squeeze] - tpp <no-dsa> (Minor issue)
+	[wheezy] - tpp <no-dsa> (Minor issue)
 CVE-2013-2207
 	RESERVED
 CVE-2013-2206 [sctp: duplicate cookie handling NULL pointer dereference]
@@ -6308,12 +6310,13 @@
 	RESERVED
 	{DSA-2698-1}
 	- tiff 4.0.2-6+nmu1 (bug #706674)
-	- tiff3 <unfixed> (bug #712840)
+	- tiff3 3.9.7-1 (bug #712840)
+	NOTE: tiff command line tools not build in tiff3, only the library parts of CVE-2013-1961 affect tiff3
 CVE-2013-1960 [libtiff-tools: Heap-based buffer overflow in t2_process_jpeg_strip]
 	RESERVED
 	{DSA-2698-1}
 	- tiff 4.0.2-6+nmu1 (bug #706675)
-	- tiff3 <unfixed> (bug #712840)
+	- tiff3 <not-affected> (tiff command line tools not build in tiff3)
 CVE-2013-1959 (kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have ...)
 	- linux 3.8.11-1
 	[wheezy] - linux <not-affected> (Introduced in 3.7)




More information about the Secure-testing-commits mailing list