[Secure-testing-commits] r40811 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-04-08 06:40:56 +0000 (Fri, 08 Apr 2016)
New Revision: 40811

Modified:
   data/CVE/list
Log:
Add more tiff issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-08 06:40:25 UTC (rev 40810)
+++ data/CVE/list	2016-04-08 06:40:56 UTC (rev 40811)
@@ -55,8 +55,11 @@
 	NOTE: https://golang.org/cl/21428
 CVE-2016-3946
 	RESERVED
-CVE-2016-3945
+CVE-2016-3945 [Out-of-bounds Write in the tiff2rgba tool]
 	RESERVED
+	- tiff <unfixed>
+	- tiff3 <removed>
+	TODO: check
 CVE-2016-XXXX [Buffer over-write in finfo_open with malformed magic file]
 	- php7.0 7.0.5-1
 	- php5 <unfixed>
@@ -777,12 +780,21 @@
 	RESERVED
 CVE-2016-3626
 	RESERVED
-CVE-2016-3625
+CVE-2016-3625 [Out-of-bounds Read occurred in tif_read.c:545 or tif_read.c:402 or tif_read.c:560 in tiff2bw]
 	RESERVED
-CVE-2016-3624
+	- tiff <unfixed>
+	- tiff3 <removed>
+	TODO: check
+CVE-2016-3624 [Out-of-bounds Write occurred in function cvtClump in rgb2ycbcr]
 	RESERVED
-CVE-2016-3623
+	- tiff <unfixed>
+	- tiff3 <removed>
+	TODO: check
+CVE-2016-3623 [Divide By Zero in the rgb2ycbcr tool]
 	RESERVED
+	- tiff <unfixed>
+	- tiff3 <removed>
+	TODO: check
 CVE-2016-3622 [Division by zero in fpAcc function]
 	RESERVED
 	- tiff <unfixed> (low; bug #820365)