[Secure-testing-commits] r48676 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Fri Feb 3 09:13:15 UTC 2017
Author: agx
Date: 2017-02-03 09:13:15 +0000 (Fri, 03 Feb 2017)
New Revision: 48676
Modified:
data/CVE/list
Log:
lts: mark netpbm-free in wheezy as unaffected
The provided testcase does not crash the wheezy version and upstream
explains why in
http://bugzilla.maptools.org/show_bug.cgi?id=2654#c8
so Jessie likely isn't affected either.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-03 09:10:12 UTC (rev 48675)
+++ data/CVE/list 2017-02-03 09:13:15 UTC (rev 48676)
@@ -511,6 +511,7 @@
CVE-2017-5849 [Out-of-Bound read and write issues in put1bitbwtile() and putgreytile()]
RESERVED
- netpbm-free <unfixed> (bug #853997)
+ [wheezy] - netpbm-free <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/02/2
CVE-2017-5850
RESERVED
More information about the Secure-testing-commits
mailing list