[Secure-testing-commits] r47442 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 26 10:38:59 UTC 2016
Author: jmm
Date: 2016-12-26 10:38:59 +0000 (Mon, 26 Dec 2016)
New Revision: 47442
Modified:
data/CVE/list
Log:
mark tiffcrop issue as unimportant, crashes in a CLI tool are not security relevant
drop obsolete no-dsa entries for unimportant mingw issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-26 10:20:13 UTC (rev 47441)
+++ data/CVE/list 2016-12-26 10:38:59 UTC (rev 47442)
@@ -2791,8 +2791,7 @@
- tiff 4.0.7-2 (bug #846837)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2608
CVE-2016-XXXX [tiffcrop: divide-by-zero in readSeparateStripsIntoBuffer when BitsPerSample is missing]
- - tiff 4.0.7-2 (bug #846838)
- [jessie] - tiff <no-dsa> (Minor issue)
+ - tiff 4.0.7-2 (unimportant; bug #846838)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2619
CVE-2016-9831 [listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c)]
RESERVED
@@ -24645,8 +24644,6 @@
- gcc-5 <not-affected> (Uses glibc-internal SSP)
- gcc-4.9 <not-affected> (Uses glibc-internal SSP)
- gcc-mingw-w64 <unfixed> (unimportant; bug #848704)
- [jessie] - gcc-mingw-w64 <no-dsa> (Minor issue)
- [wheezy] - gcc-mingw-w64 <no-dsa> (Minor issue)
- mingw32 <removed>
[wheezy] - mingw32 <no-dsa> (Minor issue)
NOTE: Missing security feature, not a direct vulnerability
More information about the Secure-testing-commits
mailing list