[Secure-testing-commits] r31654 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jan 25 06:32:26 UTC 2015 

Author: carnil
Date: 2015-01-25 06:32:26 +0000 (Sun, 25 Jan 2015)
New Revision: 31654

Modified:
   data/CVE/list
Log:
Add more references and informations for the tiff issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-25 06:29:31 UTC (rev 31653)
+++ data/CVE/list	2015-01-25 06:32:26 UTC (rev 31654)
@@ -7377,35 +7377,39 @@
 	RESERVED
 	- tiff <unfixed>
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2483
 CVE-2014-8129 [out-of-bound read and write]
 	RESERVED
 	- tiff <unfixed>
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8129-LibTIFF-Out-of-bounds_Reads_and_Writes.txt
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2487 (tiff2pdf)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2488 (tiff2pdf)
 CVE-2014-8128 [out-of-bounds write]
 	RESERVED
 	- tiff <unfixed>
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8128-LibTIFF-Out-of-bounds_Writes.txt
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2489 (thumbnail)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2490 (tiffdither)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2491 (tiffdither)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2492 (tiffdither)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2493 (thumbnail and tiffcmp)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2495 (tiff2pdf)
-	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2499 (thumbnail and tiffcmp)
-	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2501 (tiffdither)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2499 (thumbnail and tiffcmp) [not fixed yet in CVS HEAD]
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2501 (tiffdither) [not fixed yet in CVS HEAD]
 CVE-2014-8127 [out-of-bound reads]
 	RESERVED
 	- tiff <unfixed>
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
+	NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8127-LibTIFF-Out-of-bounds_Reads.txt
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2484 (thumbnail)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2485 (tiff2bw)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2486 (tiff2rgba)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2496 (tiff2ps and tiffdither)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2497 (tiffmedian)
-	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2500 (tiffset)
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2500 (tiffset) [not fixed yet in CVS HEAD]
 CVE-2014-8126 [mailx invocation enables code execution as condor user]
 	RESERVED
 	- condor 8.2.3~dfsg.1-6 (bug #775276)

More information about the Secure-testing-commits mailing list