[Secure-testing-commits] r46269 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Nov 17 11:33:18 UTC 2016
Author: carnil
Date: 2016-11-17 11:33:18 +0000 (Thu, 17 Nov 2016)
New Revision: 46269
Modified:
data/CVE/list
Log:
Add CVE-2016-9388/jasper
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-17 11:31:13 UTC (rev 46268)
+++ data/CVE/list 2016-11-17 11:33:18 UTC (rev 46269)
@@ -1,3 +1,7 @@
+CVE-2016-9388 [ras_dec.c:330: int ras_getcmap(jas_stream_t *, ras_hdr_t *, ras_cmap_t *): Assertion `numcolors <= 256' failed.]
+ - jasper <removed>
+ NOTE: Fix: https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823
+ NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00005-jasper-assert-ras_getcmap
CVE-2016-9387 [jas_seq.c:90: jas_matrix<= yend' failed.]
- jasper <removed>
NOTE: Fix: https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf
More information about the Secure-testing-commits
mailing list