[Secure-testing-commits] r39143 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jan 24 14:07:01 UTC 2016


Author: carnil
Date: 2016-01-24 14:07:01 +0000 (Sun, 24 Jan 2016)
New Revision: 39143

Modified:
   data/CVE/list
Log:
Add two tiff issues which do not have a CVE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-24 13:32:03 UTC (rev 39142)
+++ data/CVE/list	2016-01-24 14:07:01 UTC (rev 39143)
@@ -2,6 +2,12 @@
 	- php-openid <unfixed>
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/24/2
 	TODO: check
+CVE-2015-XXXX [Out-of-bounds write for invalid images using LogL compression]
+	- tiff 4.0.6-1
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
+CVE-2015-XXXX [uninitialized memory in NeXTDecode]
+	- tiff 4.0.6-1
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2508
 CVE-2015-XXXX [insecure use of temporary files]
 	- node-cli <unfixed> (bug #809252)
 	[jessie] - node-cli <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list