[Secure-testing-commits] r43092 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Sun Jul 10 15:00:16 UTC 2016
Author: fgeek-guest
Date: 2016-07-10 15:00:16 +0000 (Sun, 10 Jul 2016)
New Revision: 43092
Modified:
data/CVE/list
Log:
CVE-2016-5314/tiff bts
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-10 14:12:11 UTC (rev 43091)
+++ data/CVE/list 2016-07-10 15:00:16 UTC (rev 43092)
@@ -727,7 +727,7 @@
RESERVED
CVE-2016-5875 [tiff: heap-based buffer overflow when using the PixarLog compression format]
RESERVED
- - tiff <unfixed>
+ - tiff <unfixed> (bug #830700)
- tiff3 <removed>
NOTE: Upstream fix: https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
NOTE: Duplicate with CVE-2016-5320 and CVE-2016-5314, cf.
@@ -2213,7 +2213,7 @@
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=657
CVE-2016-5320 [rgb2ycbcr: command excution]
RESERVED
- - tiff <unfixed>
+ - tiff <unfixed> (bug #830700)
- tiff3 <removed>
TODO: check
NOTE: See http://bugzilla.maptools.org/show_bug.cgi?id=2554#c1
@@ -2226,7 +2226,7 @@
TODO: check, disputable that this actually would be as well a nautilus issue
CVE-2016-5316 [tif_pixarlog.c: PixarLogCleanup() Segmentation fault]
RESERVED
- - tiff <unfixed>
+ - tiff <unfixed> (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2556
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=656
@@ -2239,7 +2239,7 @@
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=655
CVE-2016-5314 [PixarLogDecode() out-of-bound writes]
RESERVED
- - tiff <unfixed>
+ - tiff <unfixed> (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2554
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=654
More information about the Secure-testing-commits
mailing list