[Secure-testing-commits] r41691 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri May 13 04:35:11 UTC 2016


Author: carnil
Date: 2016-05-13 04:35:10 +0000 (Fri, 13 May 2016)
New Revision: 41691

Modified:
   data/CVE/list
Log:
CVE-2016-479{6,7}/OpenJPEG assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-12 21:38:36 UTC (rev 41690)
+++ data/CVE/list	2016-05-13 04:35:10 UTC (rev 41691)
@@ -414,12 +414,13 @@
 	RESERVED
 CVE-2016-4575
 	RESERVED
-CVE-2016-XXXX [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
+CVE-2016-4796 [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
 	- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
-CVE-2016-XXXX [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
+CVE-2016-4797 [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
 	- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
+	NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
 CVE-2016-4794 [bpf related UAF]
 	- linux <unfixed>
 CVE-2016-4573




More information about the Secure-testing-commits mailing list