[Secure-testing-commits] r46476 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 23 05:35:18 UTC 2016
Author: carnil
Date: 2016-11-23 05:35:18 +0000 (Wed, 23 Nov 2016)
New Revision: 46476
Modified:
data/CVE/list
Log:
Add CVE-2016-9560/jasper
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-23 05:32:56 UTC (rev 46475)
+++ data/CVE/list 2016-11-23 05:35:18 UTC (rev 46476)
@@ -5,6 +5,10 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774834
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bf43f44fcfada5ec4a3ce60cb374340486fe9fac
NOTE: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
+CVE-2016-9560 [stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c)]
+ - jasper <removed>
+ NOTE: https://blogs.gentoo.org/ago/2016/11/20/jasper-stack-based-buffer-overflow-in-jpc_tsfb_getbands2-jpc_tsfb-c
+ NOTE: Fixed by: https://github.com/mdadams/jasper/commit/1abc2e5a401a4bf1d5ca4df91358ce5df111f495
CVE-2016-9558 [negation overflow in dwarf_leb.c]
- dwarfutils <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/11/19/libdwarf-negation-overflow-in-dwarf_leb-c
More information about the Secure-testing-commits
mailing list