[Secure-testing-commits] r40374 - data/CVE

Mon Mar 14 18:23:05 UTC 2016

Author: carnil
Date: 2016-03-14 18:23:05 +0000 (Mon, 14 Mar 2016)
New Revision: 40374

Modified:
   data/CVE/list
Log:
Add three issues in openjpeg2

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-03-14 18:18:21 UTC (rev 40373)
+++ data/CVE/list	2016-03-14 18:23:05 UTC (rev 40374)
@@ -1,3 +1,15 @@
+CVE-2016-XXXX [Out-Of-Bounds Read in sycc422_to_rgb function]
+	- openjpeg2 <unfixed>
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/14/14
+	TODO: check
+CVE-2016-XXXX [Heap Corruption in opj_free function]
+	- openjpeg2 <unfixed>
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/14/13
+	TODO: check, possibly as well src:openjpeg
+CVE-2016-XXXX [Out-Of-Bounds Read in opj_tcd_free_tile function]
+	- openjpeg2 <unfixed>
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/14/12
+	TODO: check
 CVE-2016-XXXX [An invalid off by one read can happen in the function pr_fs_dircat()]
 	- proftpd-dfsg <unfixed>
 	NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4194


