[Secure-testing-commits] r46338 - data/CVE

Henri Salo fgeek-guest at moszumanska.debian.org
Sat Nov 19 09:23:35 UTC 2016


Author: fgeek-guest
Date: 2016-11-19 09:23:31 +0000 (Sat, 19 Nov 2016)
New Revision: 46338

Modified:
   data/CVE/list
Log:
CVE-2016-9448/tiff

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-19 09:10:13 UTC (rev 46337)
+++ data/CVE/list	2016-11-19 09:23:31 UTC (rev 46338)
@@ -1,3 +1,7 @@
+CVE-2016-9448 [invalid read of size 1 in TIFFFetchNormalTag]
+	- tiff <unfixed>
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2593
+	NOTE: Regression introduced by previous fix done on 2016-11-11 for CVE-2016-9297
 CVE-2016-9421
 	RESERVED
 CVE-2016-9420
@@ -550,7 +554,6 @@
 	- tiff <unfixed> (bug #844226)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2590
 	NOTE: http://www.openwall.com/lists/oss-security/2016/11/12/2
-	NOTE: Caused regression, which is fixed in http://bugzilla.maptools.org/show_bug.cgi?id=2593
 CVE-2016-XXXX [tiffcrop: heap buffer overflow via writeBufferToSeparateStrips]
 	- tiff <unfixed> (bug #844057)
 	[jessie] - tiff <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list