[Secure-testing-commits] r31653 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jan 25 06:29:31 UTC 2015 

Author: carnil
Date: 2015-01-25 06:29:31 +0000 (Sun, 25 Jan 2015)
New Revision: 31653

Modified:
   data/CVE/list
Log:
Add new tiff issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-25 06:19:33 UTC (rev 31652)
+++ data/CVE/list	2015-01-25 06:29:31 UTC (rev 31653)
@@ -7373,14 +7373,39 @@
 	NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commit;h=1f4831ee (v1.2.9-rc1)
 	NOTE: https://www.redhat.com/archives/libvir-list/2014-December/msg00551.html
 	NOTE: https://www.redhat.com/archives/libvir-list/2014-December/msg00600.html
-CVE-2014-8130
+CVE-2014-8130 [divide by zero]
 	RESERVED
-CVE-2014-8129
+	- tiff <unfixed>
+	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2483
+CVE-2014-8129 [out-of-bound read and write]
 	RESERVED
-CVE-2014-8128
+	- tiff <unfixed>
+	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2487 (tiff2pdf)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2488 (tiff2pdf)
+CVE-2014-8128 [out-of-bounds write]
 	RESERVED
-CVE-2014-8127
+	- tiff <unfixed>
+	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2489 (thumbnail)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2490 (tiffdither)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2491 (tiffdither)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2492 (tiffdither)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2493 (thumbnail and tiffcmp)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2495 (tiff2pdf)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2499 (thumbnail and tiffcmp)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2501 (tiffdither)
+CVE-2014-8127 [out-of-bound reads]
 	RESERVED
+	- tiff <unfixed>
+	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2484 (thumbnail)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2485 (tiff2bw)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2486 (tiff2rgba)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2496 (tiff2ps and tiffdither)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2497 (tiffmedian)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2500 (tiffset)
 CVE-2014-8126 [mailx invocation enables code execution as condor user]
 	RESERVED
 	- condor 8.2.3~dfsg.1-6 (bug #775276)

More information about the Secure-testing-commits mailing list