[Secure-testing-commits] r39462 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Feb 4 18:35:27 UTC 2016


Author: carnil
Date: 2016-02-04 18:35:27 +0000 (Thu, 04 Feb 2016)
New Revision: 39462

Modified:
   data/CVE/list
Log:
Add CVE-2016-0740/pillow

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-04 16:34:30 UTC (rev 39461)
+++ data/CVE/list	2016-02-04 18:35:27 UTC (rev 39462)
@@ -4391,8 +4391,12 @@
 	NOTE: https://github.com/nginx/nginx/commit/c44fd4e837f979912749a5a19490ccb9b46398d3 (release-1.9.10)
 CVE-2016-0741
 	RESERVED
-CVE-2016-0740
+CVE-2016-0740 [Buffer overflow in TiffDecode.c]
 	RESERVED
+	- pillow <unfixed>
+	- python-imaging <removed>
+	NOTE: Issue when linked against libtiff >= 4.0.0
+	NOTE: https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e
 CVE-2016-0739
 	RESERVED
 CVE-2016-0738 (OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x ...)




More information about the Secure-testing-commits mailing list