[Secure-testing-commits] r45025 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Tue Oct 4 14:34:55 UTC 2016
Author: nluedtke-guest
Date: 2016-10-04 14:34:55 +0000 (Tue, 04 Oct 2016)
New Revision: 45025
Modified:
data/CVE/list
Log:
Add openjpeg2 to CVE-2016-5139
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-04 14:20:45 UTC (rev 45024)
+++ data/CVE/list 2016-10-04 14:34:55 UTC (rev 45025)
@@ -10469,8 +10469,11 @@
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5139 (Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...)
{DSA-3645-1}
+ - openjpeg2 2.1.2-1
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
+ NOTE: Fixed in Google with: https://pdfium.googlesource.com/pdfium.git/+/2f6d1480a1be2b1f82c94219c2d99e67d7e0660d
+ NOTE: https://github.com/uclouvain/openjpeg/pull/819
CVE-2016-5138 (Integer overflow in the kbasep_vinstr_attach_client function in ...)
TODO: check
CVE-2016-5137 (The CSPSource::schemeMatches function in ...)
More information about the Secure-testing-commits
mailing list