[Secure-testing-commits] r44559 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Tue Sep 13 16:09:09 UTC 2016
Author: hertzog
Date: 2016-09-13 16:09:09 +0000 (Tue, 13 Sep 2016)
New Revision: 44559
Modified:
data/CVE/list
Log:
Mark CVE-2016-3625/tiff3 as no-dsa on wheezy
Without any reproducer file, it's hard to deal with this issue. Given
that the impact is very low, I'm marking it as no-dsa for now. If a
reproducer file shows up it can be reconsidered.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-13 16:08:58 UTC (rev 44558)
+++ data/CVE/list 2016-09-13 16:09:09 UTC (rev 44559)
@@ -14274,7 +14274,9 @@
[jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
+ [wheezy] - tiff3 <no-dsa> (Minor issue)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2566
+ NOTE: Reproducer file is not available.
CVE-2016-3624 [Out-of-bounds Write occurred in function cvtClump in rgb2ycbcr]
RESERVED
- tiff <unfixed>
More information about the Secure-testing-commits
mailing list