[Secure-testing-commits] r39612 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Thu Feb 11 19:34:44 UTC 2016
Author: anarcat
Date: 2016-02-11 19:34:44 +0000 (Thu, 11 Feb 2016)
New Revision: 39612
Modified:
data/CVE/list
Log:
Summary: some research on the tiff issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-11 19:12:39 UTC (rev 39611)
+++ data/CVE/list 2016-02-11 19:34:44 UTC (rev 39612)
@@ -3588,6 +3588,8 @@
- tiff <unfixed>
- tiff3 <removed>
NOTE: http://seclists.org/bugtraq/2015/Dec/138
+ NOTE: no fix published yet
+ NOTE: redhat say it's only OOB read: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8668
TODO: check
CVE-2015-8683 [out-of-bounds read in CIE Lab image format]
RESERVED
@@ -9578,6 +9580,7 @@
- tiff <unfixed> (bug #809066)
- tiff3 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/12/26/7
+ NOTE: SUSE seem to have a fix: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2015-7554
CVE-2015-7553
RESERVED
CVE-2015-7552
More information about the Secure-testing-commits
mailing list