[Secure-testing-commits] r41690 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2016-05-12 21:38:36 +0000 (Thu, 12 May 2016)
New Revision: 41690

Modified:
   data/CVE/list
Log:
two openjpeg issues don't affect the latest release in the Debian archive


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-12 21:10:12 UTC (rev 41689)
+++ data/CVE/list	2016-05-12 21:38:36 UTC (rev 41690)
@@ -415,10 +415,10 @@
 CVE-2016-4575
 	RESERVED
 CVE-2016-XXXX [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
-	- openjpeg2 <unfixed>
+	- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
 CVE-2016-XXXX [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
-	- openjpeg2 <unfixed>
+	- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
 CVE-2016-4794 [bpf related UAF]
 	- linux <unfixed>