[Secure-testing-commits] r48358 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 25 09:37:23 UTC 2017
Author: carnil
Date: 2017-01-25 09:37:23 +0000 (Wed, 25 Jan 2017)
New Revision: 48358
Modified:
data/CVE/list
Log:
Reference upstream issues for jasper issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-25 09:19:18 UTC (rev 48357)
+++ data/CVE/list 2017-01-25 09:37:23 UTC (rev 48358)
@@ -1,12 +1,15 @@
CVE-2017-XXXX [jasper: heap-based buffer overflow in jpc_dec_decodepkt (jpc_t2dec.c)]
- jasper <unfixed>
- NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/10
+ NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/114
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/25/10
CVE-2017-XXXX [jasper: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c)]
- jasper <unfixed>
- NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/8
+ NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/112
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/25/8
CVE-2017-XXXX [jasper: invalid memory read in jas_matrix_bindsub (jas_seq.c)]
- jasper <unfixed>
- NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/9
+ NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/113
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/25/9
CVE-2017-XXXX [screen privilege escalation]
- screen 4.5.0-3 (bug #852484)
[stretch] - screen <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list