[Secure-testing-commits] r27391 - in data: CVE DSA
Michael Gilbert
mgilbert at moszumanska.debian.org
Sun Jun 22 06:50:45 UTC 2014
Author: mgilbert
Date: 2014-06-22 06:50:44 +0000 (Sun, 22 Jun 2014)
New Revision: 27391
Modified:
data/CVE/list
data/DSA/list
Log:
tiff dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-21 20:23:37 UTC (rev 27390)
+++ data/CVE/list 2014-06-22 06:50:44 UTC (rev 27391)
@@ -18961,9 +18961,7 @@
- tiff 4.0.3-3
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
CVE-2013-4243 (Heap-based buffer overflow in the readgifimage function in the ...)
- - tiff <unfixed> (low; bug #742917)
- [wheezy] - tiff <no-dsa> (only affects the gif2tiff command-line tool)
- [squeeze] - tiff <no-dsa> (only affects the gif2tiff command-line tool)
+ - tiff 4.0.3-9 (low; bug #742917)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2451
CVE-2013-4242 (GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2014-06-21 20:23:37 UTC (rev 27390)
+++ data/DSA/list 2014-06-22 06:50:44 UTC (rev 27391)
@@ -1,3 +1,6 @@
+[22 Jun 2014] DSA-2965-1 tiff - security update
+ {CVE-2013-4243}
+ [wheezy] - tiff 4.0.2-6+deb7u3
[21 Jun 2014] DSA-2964-1 iodine - security update
{CVE-2014-4168}
[wheezy] - iodine 0.6.0~rc1-12+deb7u1
More information about the Secure-testing-commits
mailing list