[Secure-testing-commits] r46269 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Nov 17 11:33:18 UTC 2016


Author: carnil
Date: 2016-11-17 11:33:18 +0000 (Thu, 17 Nov 2016)
New Revision: 46269

Modified:
   data/CVE/list
Log:
Add CVE-2016-9388/jasper

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-17 11:31:13 UTC (rev 46268)
+++ data/CVE/list	2016-11-17 11:33:18 UTC (rev 46269)
@@ -1,3 +1,7 @@
+CVE-2016-9388 [ras_dec.c:330: int ras_getcmap(jas_stream_t *, ras_hdr_t *, ras_cmap_t *): Assertion `numcolors <= 256' failed.]
+	- jasper <removed>
+	NOTE: Fix: https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823
+	NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00005-jasper-assert-ras_getcmap
 CVE-2016-9387 [jas_seq.c:90: jas_matrix<= yend' failed.]
 	- jasper <removed>
 	NOTE: Fix: https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf




More information about the Secure-testing-commits mailing list