[Secure-testing-commits] r46473 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Nov 23 05:28:33 UTC 2016


Author: carnil
Date: 2016-11-23 05:28:33 +0000 (Wed, 23 Nov 2016)
New Revision: 46473

Modified:
   data/CVE/list
Log:
Add CVE-2016-9557/jasper

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-23 05:26:41 UTC (rev 46472)
+++ data/CVE/list	2016-11-23 05:28:33 UTC (rev 46473)
@@ -5,6 +5,10 @@
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774834
 	NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bf43f44fcfada5ec4a3ce60cb374340486fe9fac
 	NOTE: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
+CVE-2016-9557 [signed integer overflow in jas_image.c]
+	- jasper <removed>
+	NOTE: https://blogs.gentoo.org/ago/2016/11/19/jasper-signed-integer-overflow-in-jas_image-c
+	NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a
 CVE-2016-9555 [net/sctp: slab-out-of-bounds in sctp_sf_ootb]
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6 (4.9-rc4)




More information about the Secure-testing-commits mailing list