[Secure-testing-commits] r44803 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Wed Sep 21 18:22:33 UTC 2016
Author: nluedtke-guest
Date: 2016-09-21 18:22:33 +0000 (Wed, 21 Sep 2016)
New Revision: 44803
Modified:
data/CVE/list
Log:
Mark openjpeg removed in CVE-2016-4796
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-21 18:22:22 UTC (rev 44802)
+++ data/CVE/list 2016-09-21 18:22:33 UTC (rev 44803)
@@ -11751,7 +11751,9 @@
CVE-2016-4796 [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
RESERVED
- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
- - openjpeg <not-affected> (Vulnerable code not present)
+ - openjpeg <removed>
+ [jessie] - openjpeg <not-affected> (Vulnerable code not present)
+ [wheezy] - openjpeg <not-affected> (Vulnerable code not present)
NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
CVE-2016-4797 [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
RESERVED
@@ -21478,7 +21480,6 @@
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
CVE-2016-1626 (The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ...)
{DSA-3486-1}
- - openjpeg2 <undetermined>
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code introduced later)
[wheezy] - openjpeg <not-affected> (Vulnerable code introduced later)
More information about the Secure-testing-commits
mailing list