[Secure-testing-commits] r46270 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Nov 17 11:37:32 UTC 2016
Author: carnil
Date: 2016-11-17 11:37:32 +0000 (Thu, 17 Nov 2016)
New Revision: 46270
Modified:
data/CVE/list
Log:
Add CVE-2016-9389/jasper
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-17 11:33:18 UTC (rev 46269)
+++ data/CVE/list 2016-11-17 11:37:32 UTC (rev 46270)
@@ -1,3 +1,8 @@
+CVE-2016-9389
+ - jasper <removed>
+ NOTE: Fix: https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba
+ NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00006-jasper-assert-jpc_irct
+ NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00008-jasper-assert-jpc_iict
CVE-2016-9388 [ras_dec.c:330: int ras_getcmap(jas_stream_t *, ras_hdr_t *, ras_cmap_t *): Assertion `numcolors <= 256' failed.]
- jasper <removed>
NOTE: Fix: https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823
More information about the Secure-testing-commits
mailing list