[Secure-testing-commits] r26327 - data/CVE
Michael Gilbert
mgilbert at moszumanska.debian.org
Fri Mar 28 22:43:49 UTC 2014
Author: mgilbert
Date: 2014-03-28 22:43:49 +0000 (Fri, 28 Mar 2014)
New Revision: 26327
Modified:
data/CVE/list
Log:
tiff info
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-28 22:22:12 UTC (rev 26326)
+++ data/CVE/list 2014-03-28 22:43:49 UTC (rev 26327)
@@ -14083,7 +14083,9 @@
- tiff 4.0.3-3
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
CVE-2013-4243 (Heap-based buffer overflow in the readgifimage function in the ...)
- - tiff <unfixed>
+ - tiff <unfixed> (bug #742917)
+ [wheezy] - tiff <no-dsa> (only affects the gif2tiff command-line tool)
+ [squeeze] - tiff <no-dsa> (only affects the gif2tiff command-line tool)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2451
CVE-2013-4242 (GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x ...)
More information about the Secure-testing-commits
mailing list