[Secure-testing-commits] r53541 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jul 16 09:35:33 UTC 2017
Author: carnil
Date: 2017-07-16 09:35:33 +0000 (Sun, 16 Jul 2017)
New Revision: 53541
Modified:
data/CVE/list
Log:
Add new tiff issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-16 09:27:39 UTC (rev 53540)
+++ data/CVE/list 2017-07-16 09:35:33 UTC (rev 53541)
@@ -13,7 +13,10 @@
CVE-2017-11336 (There is a heap-based buffer over-read in the Image::printIFDStructure ...)
TODO: check
CVE-2017-11335 (There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF ...)
- TODO: check
+ - tiff <unfixed>
+ - tiff3 <removed>
+ NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2715
+ NOTE: Fixed by: https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
CVE-2017-XXXX [avoid a memory leak during screenshot]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867897)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
More information about the Secure-testing-commits
mailing list