[Secure-testing-commits] r54938 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Aug 21 16:48:42 UTC 2017


Author: jmm
Date: 2017-08-21 16:48:42 +0000 (Mon, 21 Aug 2017)
New Revision: 54938

Modified:
   data/CVE/list
Log:
mark libjpeg as undetermined


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-21 16:47:10 UTC (rev 54937)
+++ data/CVE/list	2017-08-21 16:48:42 UTC (rev 54938)
@@ -9402,8 +9402,9 @@
 CVE-2017-9615 (Password exposure in Cognito Software Moneyworks 8.0.3 and earlier ...)
 	NOT-FOR-US: Cognito Software Moneyworks
 CVE-2017-9614 (The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 ...)
-	- libjpeg-turbo <unfixed> (bug #869927)
+	- libjpeg-turbo <undetermined> (bug #869927)
 	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167
+	NOTE: Not reproducible by upstream, might be an error in the application using libjpeg
 CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
 	NOT-FOR-US: SAP SuccessFactors
 CVE-2017-9612 (The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...)




More information about the Secure-testing-commits mailing list