[Secure-testing-commits] r34184 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 11 20:35:07 UTC 2015
Author: carnil
Date: 2015-05-11 20:35:07 +0000 (Mon, 11 May 2015)
New Revision: 34184
Modified:
data/CVE/list
Log:
Update list of possibly affected source package by dcraw issue
NOTE: no time to fully investigate the issue/affected packages. Thus
left the TODO item.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-11 19:40:54 UTC (rev 34183)
+++ data/CVE/list 2015-05-11 20:35:07 UTC (rev 34184)
@@ -1,7 +1,17 @@
CVE-2015-XXXX [dcraw imput sanitization errors]
- dcraw <unfixed> (bug #785019)
+ - ufraw <unfixed>
+ - libraw <unfixed>
+ - rawtherapee <unfixed>
+ - rawstudio <removed>
+ - xbmc <unfixed>
+ - kodi <itp> (bug #767180)
+ - exactimage <unfixed>
+ - freeimage <unfixed>
+ - darktable <unfixed>
NOTE: http://www.ocert.org/advisories/ocert-2015-006.html
- TODO: check other affected source packages
+ NOTE: https://codesearch.debian.net/results/int%20CLASS%20ljpeg_start
+ TODO: check still needed (list complete? affected versions?)
CVE-2015-XXXX [open redirect]
- phpbb3 3.0.14-1
NOTE: https://wiki.phpbb.com/Release_Highlights/3.0.14
More information about the Secure-testing-commits
mailing list