[Secure-testing-commits] r39518 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Feb 6 14:30:49 UTC 2016
Author: carnil
Date: 2016-02-06 14:30:49 +0000 (Sat, 06 Feb 2016)
New Revision: 39518
Modified:
data/CVE/list
Log:
Update information for CVE-2016-0740/pillow
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-06 13:57:34 UTC (rev 39517)
+++ data/CVE/list 2016-02-06 14:30:49 UTC (rev 39518)
@@ -4526,9 +4526,10 @@
CVE-2016-0740 [Buffer overflow in TiffDecode.c]
RESERVED
- pillow <unfixed>
- - python-imaging <removed>
+ - python-imaging <not-affected> (Vulnerable code introduce in 2.0.0)
NOTE: Issue when linked against libtiff >= 4.0.0
- NOTE: https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e
+ NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e (3.1.1)
+ NOTE: Introduced by: https://github.com/python-pillow/Pillow/commit/e782fe721e0156de9636e78cd881d9f9e7e6ce50 (2.0.0)
CVE-2016-0739
RESERVED
CVE-2016-0738 (OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x ...)
More information about the Secure-testing-commits
mailing list