[Secure-testing-commits] r41691 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri May 13 04:35:11 UTC 2016
Author: carnil
Date: 2016-05-13 04:35:10 +0000 (Fri, 13 May 2016)
New Revision: 41691
Modified:
data/CVE/list
Log:
CVE-2016-479{6,7}/OpenJPEG assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-12 21:38:36 UTC (rev 41690)
+++ data/CVE/list 2016-05-13 04:35:10 UTC (rev 41691)
@@ -414,12 +414,13 @@
RESERVED
CVE-2016-4575
RESERVED
-CVE-2016-XXXX [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
+CVE-2016-4796 [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
-CVE-2016-XXXX [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
+CVE-2016-4797 [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
+ NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
CVE-2016-4794 [bpf related UAF]
- linux <unfixed>
CVE-2016-4573
More information about the Secure-testing-commits
mailing list