[Secure-testing-commits] r36895 - data/CVE

Tue Sep 29 16:04:13 UTC 2015

Author: hertzog
Date: 2015-09-29 16:04:13 +0000 (Tue, 29 Sep 2015)
New Revision: 36895

Modified:
   data/CVE/list
Log:
Review CVE-2015-6581

No version of openjpeg are affected but all versions of openjpeg2 are
affected. Filed a bug for openjpeg2 and added link to upstream fix.

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-09-29 16:03:50 UTC (rev 36894)
+++ data/CVE/list	2015-09-29 16:04:13 UTC (rev 36895)
@@ -1861,13 +1861,13 @@
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
 CVE-2015-6581 (Double free vulnerability in the ...)
-	- openjpeg2 <unfixed>
-	- openjpeg <unfixed>
+	- openjpeg2 <unfixed> (bug #800453)
+	NOTE: Openjpeg2 fix here (not in 2.1.0 and there's no new upstream release yet): https://github.com/uclouvain/openjpeg/commit/0fa5a17c98c4b8f9ee2286f4f0a50cf52a5fccb0
 	- chromium-browser 45.0.2454.85-1
 	[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-	TODO: check
+	NOTE: Versions 1.x of OpenJPEG do not have the vulnerable code (function opj_j2k_copy_default_tcp_and_create_tcd). The "openjpeg" source package is thus not listed.
 CVE-2015-6580 (Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, ...)
 	- chromium-browser 45.0.2454.85-1
 	[jessie] - chromium-browser 45.0.2454.85-1~deb8u1


