[Secure-testing-commits] r39618 - data/CVE
Brian May
bam at moszumanska.debian.org
Fri Feb 12 00:11:23 UTC 2016
Author: bam
Date: 2016-02-12 00:11:23 +0000 (Fri, 12 Feb 2016)
New Revision: 39618
Modified:
data/CVE/list
Log:
dcraw
dcraw not affected by CVE-2015-8367, as vulnerability is in C++ code, and dcraw
is C only.
dcraw 8.99-1+b1 in squeeze and wheezy looks safe from CVE-2015-8366.
dcraw 9.21-0.2+b2 in jessie and sid appears to be vulnerable to CVE-2015-8366.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-11 22:13:40 UTC (rev 39617)
+++ data/CVE/list 2016-02-12 00:11:23 UTC (rev 39618)
@@ -7131,7 +7131,7 @@
[jessie] - libraw 0.16.0-9+deb8u2
[wheezy] - libraw <not-affected> (Vulnerable code not present)
[squeeze] - libraw <not-affected> (Vulerable code not present)
- - dcraw <undetermined>
+ - dcraw <not-affected> (Vulerable code not present)
- kodi <undetermined>
- darktable 2.0.0-1
[jessie] - darktable <not-affected> (vulerable code not present)
@@ -7150,7 +7150,9 @@
[jessie] - libraw 0.16.0-9+deb8u2
[wheezy] - libraw <not-affected> (Vulnerable code not present)
[squeeze] - libraw <not-affected> (Vulnerable code not present)
- - dcraw <undetermined>
+ [squeeze] - dcraw <not-affected> (Vulnerable code not present)
+ [wheezy] - dcraw <not-affected> (Vulnerable code not present)
+ [jessie] - dcraw <unfixed>
- kodi <undetermined>
- darktable 2.0.0-1
[jessie] - darktable <not-affected> (vulerable code not present)
More information about the Secure-testing-commits
mailing list