[Secure-testing-commits] r44560 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Tue Sep 13 16:09:22 UTC 2016
Author: hertzog
Date: 2016-09-13 16:09:21 +0000 (Tue, 13 Sep 2016)
New Revision: 44560
Modified:
data/CVE/list
Log:
Mark CVE-2016-5319/tiff3 as not-affected on wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-13 16:09:09 UTC (rev 44559)
+++ data/CVE/list 2016-09-13 16:09:21 UTC (rev 44560)
@@ -9069,8 +9069,9 @@
RESERVED
- tiff <unfixed>
- tiff3 <removed>
+ [wheezy] - tiff3 <not-affected> (tools like bmp2tiff not shipped by tiff3 source package)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2562
- NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-5319.bmp
+ NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=652
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: No patch available. Marked as wontfix by upstream.
CVE-2016-5318 [libtiff: stack buffer overflow in _TIFFVGetField function]
More information about the Secure-testing-commits
mailing list