[Secure-testing-commits] r46477 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 23 06:14:37 UTC 2016
Author: carnil
Date: 2016-11-23 06:14:37 +0000 (Wed, 23 Nov 2016)
New Revision: 46477
Modified:
data/CVE/list
Log:
Mark dwarfutils as no-dsa and add bug reference
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-23 05:35:18 UTC (rev 46476)
+++ data/CVE/list 2016-11-23 06:14:37 UTC (rev 46477)
@@ -10,7 +10,8 @@
NOTE: https://blogs.gentoo.org/ago/2016/11/20/jasper-stack-based-buffer-overflow-in-jpc_tsfb_getbands2-jpc_tsfb-c
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/1abc2e5a401a4bf1d5ca4df91358ce5df111f495
CVE-2016-9558 [negation overflow in dwarf_leb.c]
- - dwarfutils <unfixed>
+ - dwarfutils <unfixed> (bug #845408)
+ [jessie] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/11/19/libdwarf-negation-overflow-in-dwarf_leb-c
NOTE: Fixed by: https://sourceforge.net/p/libdwarf/code/ci/4f19e1050cd8e9ddf2cb6caa061ff2fec4c9b5f9/#diff-5
CVE-2016-9557 [signed integer overflow in jas_image.c]
More information about the Secure-testing-commits
mailing list