[Secure-testing-commits] r43112 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jul 11 08:28:29 UTC 2016
Author: jmm
Date: 2016-07-11 08:28:28 +0000 (Mon, 11 Jul 2016)
New Revision: 43112
Modified:
data/CVE/list
Log:
more openjpeg2 fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-11 08:22:27 UTC (rev 43111)
+++ data/CVE/list 2016-07-11 08:28:28 UTC (rev 43112)
@@ -8955,7 +8955,7 @@
NOTE: https://www.flashrom.org/pipermail/flashrom/2016-March/014523.html
CVE-2016-3183 [Out-Of-Bounds Read in sycc422_to_rgb function]
RESERVED
- - openjpeg2 <unfixed> (bug #818399)
+ - openjpeg2 2.1.1-1 (bug #818399)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/14
NOTE: https://github.com/uclouvain/openjpeg/issues/726
CVE-2016-3182 [Heap Corruption in opj_free function]
@@ -13287,10 +13287,10 @@
- lha <removed> (unimportant)
NOTE: Non-free not supported
CVE-2016-1924 (The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote ...)
- - openjpeg2 <unfixed> (bug #818399)
+ - openjpeg2 2.1.1-1 (bug #818399)
NOTE: https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e
CVE-2016-1923 (Heap-based buffer overflow in the opj_j2k_update_image_data function ...)
- - openjpeg2 <unfixed> (bug #818399)
+ - openjpeg2 2.1.1-1 (bug #818399)
CVE-2016-1920 [VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3]
RESERVED
NOT-FOR-US: KNOX 1.0 / Android 4.3
More information about the Secure-testing-commits
mailing list