[Secure-testing-commits] r47983 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jan 13 16:01:10 UTC 2017 

Author: jmm
Date: 2017-01-13 16:01:09 +0000 (Fri, 13 Jan 2017)
New Revision: 47983

Modified:
   data/CVE/list
Log:
remove no-dsa entries for some issues which got fixed along the DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-13 15:55:31 UTC (rev 47982)
+++ data/CVE/list	2017-01-13 16:01:09 UTC (rev 47983)
@@ -13304,7 +13304,6 @@
 	RESERVED
 	{DLA-716-1}
 	- tiff 4.0.7-1 (bug #844057)
-	[jessie] - tiff <no-dsa> (Minor issue)
 	- tiff3 <removed>
 	[wheezy] - tiff3 <not-affected> (Tools not shipped by tiff3)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2592
@@ -26111,7 +26110,6 @@
 	RESERVED
 	{DLA-610-1 DLA-606-1}
 	- tiff 4.0.7-1
-	[jessie] - tiff <no-dsa> (Minor issue)
 	- tiff3 <removed> (unimportant)
 	NOTE: src:tiff3: built binary packages do not contain the TIFF tools
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2560
@@ -30951,7 +30949,6 @@
 CVE-2016-3991 (Heap-based buffer overflow in the loadImage function in the tiffcrop ...)
 	{DLA-610-1 DLA-606-1}
 	- tiff 4.0.7-1
-	[jessie] - tiff <no-dsa> (Minor issue)
 	- tiff3 <removed> (unimportant)
 	NOTE: src:tiff3: built binary packages do not contain the TIFF tools
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2543
@@ -30959,7 +30956,6 @@
 CVE-2016-3990 (Heap-based buffer overflow in the horizontalDifference8 function in ...)
 	{DLA-610-1}
 	- tiff 4.0.7-1 (bug #836570)
-	[jessie] - tiff <no-dsa> (Minor issue)
 	[wheezy] - tiff <no-dsa> (Minor issue)
 	- tiff3 <removed> (unimportant)
 	NOTE: src:tiff3: built binary packages do not contain the TIFF tools
@@ -31184,7 +31180,6 @@
 CVE-2016-3945 (Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile ...)
 	{DLA-610-1}
 	- tiff 4.0.7-1
-	[jessie] - tiff <no-dsa> (Minor issue)
 	[wheezy] - tiff <no-dsa> (Minor issue)
 	- tiff3 <removed> (unimportant)
 	NOTE: src:tiff3: built binary packages do not contain the TIFF tools
@@ -32051,14 +32046,12 @@
 	RESERVED
 CVE-2016-3625 (tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows ...)
 	- tiff <unfixed>
-	[jessie] - tiff <no-dsa> (Minor issue)
 	[wheezy] - tiff <no-dsa> (Minor issue)
 	- tiff3 <removed>
 	[wheezy] - tiff3 <not-affected> (Does not ship libtiff tools)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2566
 CVE-2016-3624 (The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and ...)
 	- tiff 4.0.6-3
-	[jessie] - tiff <no-dsa> (Minor issue)
 	[wheezy] - tiff <no-dsa> (Minor issue)
 	- tiff3 <not-affected> (tiff tools not built)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2568
@@ -32071,7 +32064,6 @@
 	NOTE: No security impact, just triggers a crash in a CLI tool
 CVE-2016-3622 (The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF ...)
 	- tiff 4.0.7-1 (low; bug #820365)
-	[jessie] - tiff <no-dsa> (Minor issue)
 	[wheezy] - tiff <no-dsa> (Minor issue)
 	- tiff3 <not-affected> (tiff tools not built)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/4

More information about the Secure-testing-commits mailing list