[Secure-testing-commits] r39275 - data/CVE
Ben Hutchings
benh at moszumanska.debian.org
Thu Jan 28 20:29:56 UTC 2016
Author: benh
Date: 2016-01-28 20:29:56 +0000 (Thu, 28 Jan 2016)
New Revision: 39275
Modified:
data/CVE/list
Log:
Remove <no-dsa> for CVE-2015-{5203,5221}; these are not minor issues
Both of these involve double-free and I haven't found any explanation of
why they are minor.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-28 20:22:23 UTC (rev 39274)
+++ data/CVE/list 2016-01-28 20:29:56 UTC (rev 39275)
@@ -15199,9 +15199,6 @@
CVE-2015-5221 [use-after-free in mif_process_cmpt]
RESERVED
- jasper <unfixed> (bug #796253)
- [jessie] - jasper <no-dsa> (Minor issue)
- [wheezy] - jasper <no-dsa> (Minor issue)
- [squeeze] - jasper <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/20/4
CVE-2015-5220 (The Web Console in Red Hat Enterprise Application Platform (EAP) ...)
NOT-FOR-US: JBoss EAP
@@ -15257,9 +15254,6 @@
CVE-2015-5203 [double free triggered by jasper_image_stop_load function]
RESERVED
- jasper <unfixed> (bug #796107)
- [squeeze] - jasper <no-dsa> (Minor issue)
- [wheezy] - jasper <no-dsa> (Minor issue)
- [jessie] - jasper <no-dsa> (Minor issue)
NOTE: Analysis/More information: https://bugzilla.redhat.com/show_bug.cgi?id=1254242#c3
CVE-2015-5202
RESERVED
More information about the Secure-testing-commits
mailing list