[Secure-testing-commits] r44576 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Wed Sep 14 07:00:31 UTC 2016
Author: hertzog
Date: 2016-09-14 07:00:30 +0000 (Wed, 14 Sep 2016)
New Revision: 44576
Modified:
data/CVE/list
Log:
Update comments for CVE where I got the reproducer file
They have been posted on the upstream ticket each time.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-14 06:59:31 UTC (rev 44575)
+++ data/CVE/list 2016-09-14 07:00:30 UTC (rev 44576)
@@ -14304,7 +14304,6 @@
- tiff3 <removed>
[wheezy] - tiff3 <no-dsa> (Minor issue)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2566
- NOTE: Reproducer file is not available.
CVE-2016-3624 [Out-of-bounds Write occurred in function cvtClump in rgb2ycbcr]
RESERVED
- tiff <unfixed>
@@ -22880,7 +22879,7 @@
NOTE: Red Hat's patch is partially incorrect according to upstream
NOTE: Issue was also marked as wontfix, because bmp2tiff utility has been removed
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2563#c4
- NOTE: No reproducer file seems to be publicly available.
+ NOTE: Reproducer file here: http://bugzilla.maptools.org/attachment.cgi?id=677
CVE-2015-8683 (The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 ...)
{DSA-3467-1 DLA-610-1 DLA-402-1}
- tiff 4.0.6-1 (bug #809021)
More information about the Secure-testing-commits
mailing list