[Secure-testing-commits] r53914 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jul 25 20:29:27 UTC 2017


Author: carnil
Date: 2017-07-25 20:29:26 +0000 (Tue, 25 Jul 2017)
New Revision: 53914

Modified:
   data/CVE/list
Log:
Update CVE-2017-9937/jbigkit

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-25 20:18:09 UTC (rev 53913)
+++ data/CVE/list	2017-07-25 20:29:26 UTC (rev 53914)
@@ -2911,11 +2911,10 @@
 CVE-2017-9938
 	RESERVED
 CVE-2017-9937 (In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A ...)
-	- jbigkit <undetermined>
+	- jbigkit <unfixed>
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2707
-	NOTE: The CVE was assigned for src:tiff by MITRE, but upstream author tends
-	NOTE: to see this as an issue in libjbig itself.
-	TODO: wait for futher development on upstream
+	NOTE: The CVE was assigned for src:tiff by MITRE, but the issue actually lies
+	NOTE: in jbigkit itself.
 CVE-2017-9936 (In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF ...)
 	{DSA-3903-1 DLA-1023-1 DLA-1022-1}
 	- tiff 4.0.8-3 (bug #866113)




More information about the Secure-testing-commits mailing list