[Secure-testing-commits] r45519 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Oct 23 10:46:56 UTC 2016
Author: jmm
Date: 2016-10-23 10:46:55 +0000 (Sun, 23 Oct 2016)
New Revision: 45519
Modified:
data/CVE/list
Log:
two jasper issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-23 10:30:28 UTC (rev 45518)
+++ data/CVE/list 2016-10-23 10:46:55 UTC (rev 45519)
@@ -1,3 +1,9 @@
+CVE-2016-8887
+ - jasper <unfixed>
+ NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c
+CVE-2016-8886
+ - jasper <unfixed>
+ NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-memory-allocation-failure-in-jas_malloc-jas_malloc-c
CVE-2016-XXXX [sendmail: Privilege escalation from group smmsp to root]
- sendmail <unfixed> (bug #841257)
CVE-2016-8866 [memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)]
More information about the Secure-testing-commits
mailing list