[Secure-testing-commits] r45098 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Wed Oct 5 21:00:28 UTC 2016
Author: nluedtke-guest
Date: 2016-10-05 21:00:28 +0000 (Wed, 05 Oct 2016)
New Revision: 45098
Modified:
data/CVE/list
Log:
Correct entries for CVE-2016-479{6,7}
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-05 20:50:53 UTC (rev 45097)
+++ data/CVE/list 2016-10-05 21:00:28 UTC (rev 45098)
@@ -12266,14 +12266,16 @@
NOT-FOR-US: Huawei
CVE-2016-4796 [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
RESERVED
- - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
+ - openjpeg2 2.1.1-1
+ [jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code not present)
[wheezy] - openjpeg <not-affected> (Vulnerable code not present)
NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
CVE-2016-4797 [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
RESERVED
- - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
+ - openjpeg2 2.1.1-1
+ [jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
CVE-2016-4794 (Use-after-free vulnerability in mm/percpu.c in the Linux kernel ...)
More information about the Secure-testing-commits
mailing list