[Secure-testing-commits] r45589 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Tue Oct 25 14:31:47 UTC 2016 

Author: hertzog
Date: 2016-10-25 14:31:47 +0000 (Tue, 25 Oct 2016)
New Revision: 45589

Modified:
   data/CVE/list
Log:
Mark CVE-2016-5315/CVE-2016-5316/CVE-2016-5317 as fixed in unstable with version 4.0.6-2

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-25 14:31:25 UTC (rev 45588)
+++ data/CVE/list	2016-10-25 14:31:47 UTC (rev 45589)
@@ -11220,11 +11220,11 @@
 CVE-2016-5317 [GNOME nautilus: crash occurs when generating a thumbnail for a crafted TIFF image]
 	RESERVED
 	{DLA-610-1 DLA-606-1}
-	- tiff <unfixed>
+	- tiff 4.0.6-2 (bug #830700)
 	- tiff3 <removed>
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2557
 	NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=653
-	NOTE: Upstream marked this duplicate of bug 2554
+	NOTE: Upstream marked this duplicate of bug http://bugzilla.maptools.org/show_bug.cgi?id=2554
 CVE-2016-5316 [tif_pixarlog.c: PixarLogCleanup() Segmentation fault]
 	RESERVED
 	{DLA-610-1 DLA-606-1}
@@ -11232,17 +11232,17 @@
 	- tiff3 <removed>
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2556
 	NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=656
-	NOTE: Upstream fix https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
+	NOTE: Upstream marked this duplicate of bug http://bugzilla.maptools.org/show_bug.cgi?id=2554
 CVE-2016-5315 [tif_dir.c: setByteArray() Read access violation]
 	RESERVED
 	{DLA-610-1 DLA-606-1}
-	- tiff <unfixed>
+	- tiff 4.0.6-2 (bug #830700)
 	- tiff3 <removed>
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2555
 	NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=655
 	NOTE: Possible duplicate with PixarLogDecode() issue
 	NOTE:  http://bugzilla.maptools.org/show_bug.cgi?id=2555#c2
-	NOTE: Upstream marked this duplicate of bug 2554
+	NOTE: Upstream marked this duplicate of http://bugzilla.maptools.org/show_bug.cgi?id=2554
 CVE-2016-5314 [PixarLogDecode() out-of-bound writes]
 	RESERVED
 	{DLA-610-1 DLA-606-1}

More information about the Secure-testing-commits mailing list