[Secure-testing-commits] r50519 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Apr 10 06:49:11 UTC 2017


Author: carnil
Date: 2017-04-10 06:49:10 +0000 (Mon, 10 Apr 2017)
New Revision: 50519

Modified:
   data/CVE/list
Log:
Add references for CVE-2017-7595/tiff

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-10 06:22:32 UTC (rev 50518)
+++ data/CVE/list	2017-04-10 06:49:10 UTC (rev 50519)
@@ -67,9 +67,10 @@
 	- tiff3 <removed>
 	TODO: check
 CVE-2017-7595 (The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows ...)
-	- tiff <unfixed>
+	- tiff <unfixed> (bug #860003)
 	- tiff3 <removed>
-	TODO: check
+	NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-divide-by-zero-in-jpegsetupencode-tiff_jpeg-c
+	NOTE: https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
 CVE-2017-7594 (The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in ...)
 	- tiff <unfixed> (bug #860001)
 	- tiff3 <removed>




More information about the Secure-testing-commits mailing list