[Secure-testing-commits] r45611 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Tue Oct 25 19:45:38 UTC 2016
Author: nluedtke-guest
Date: 2016-10-25 19:45:37 +0000 (Tue, 25 Oct 2016)
New Revision: 45611
Modified:
data/CVE/list
Log:
Update CVE-2016-8338
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-25 19:31:54 UTC (rev 45610)
+++ data/CVE/list 2016-10-25 19:45:37 UTC (rev 45611)
@@ -1526,13 +1526,8 @@
[wheezy] - redis <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0206/
-CVE-2016-8338 [heap based buffer overflow in LibTIFFs PixarLogDecode api]
+CVE-2016-8338
RESERVED
- - tiff 4.0.6-2
- - tiff3 <removed>
- NOTE: LibTIFF maintainers indicate this is a duplicate of CVE-2016-5875
- NOTE: Not yet REJECTED
- NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0205/
CVE-2016-8337
RESERVED
CVE-2016-8336
@@ -9383,6 +9378,7 @@
NOTE: https://marc.info/?l=oss-security&m=146726894625359&w=2
NOTE: but is not yet REJECTED by MITRE.
NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-5875.tif
+ NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0205/
CVE-2016-5874 (Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers ...)
NOT-FOR-US: Siemens
CVE-2016-5872
More information about the Secure-testing-commits
mailing list