[Secure-testing-commits] r48113 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 16 20:27:12 UTC 2017
Author: carnil
Date: 2017-01-16 20:27:11 +0000 (Mon, 16 Jan 2017)
New Revision: 48113
Modified:
data/CVE/list
Log:
Update status for CVE-2016-888{0,1}/jasper
Requested by Tomas Hoger from Red Hat to be rejected as duplicates of
CVE-2011-451{6,7}. Keep fixing version and notes until that happened to
at least track the correct "fixing version".
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-16 20:18:49 UTC (rev 48112)
+++ data/CVE/list 2017-01-16 20:27:11 UTC (rev 48113)
@@ -15018,14 +15018,14 @@
NOTE: https://github.com/mdadams/jasper/commit/69a1439a5381e42b06ec6a06ed2675eb793babee (version-1.900.8)
CVE-2016-8881 [Heap overflow in jpc_getuint16()]
RESERVED
- - jasper <removed>
- [wheezy] - jasper <no-dsa> (no patch available for just this issue)
+ - jasper 1.900.1-13
NOTE: https://github.com/mdadams/jasper/issues/29
+ NOTE: Duplicate of CVE-2011-4517, cf https://github.com/mdadams/jasper/issues/29#issuecomment-267322934
CVE-2016-8880 [Heap overflow in jpc_dec_cp_setfromcox()]
RESERVED
- - jasper <removed>
- [wheezy] - jasper <no-dsa> (no patch available for just this issue)
+ - jasper 1.900.1-13
NOTE: https://github.com/mdadams/jasper/issues/28
+ NOTE: Duplicate of CVE-2011-4516, cf https://github.com/mdadams/jasper/issues/28#issuecomment-267053875
CVE-2016-8866 [memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)]
RESERVED
{DLA-756-1}
More information about the Secure-testing-commits
mailing list