[Secure-testing-commits] r52213 - data/CVE

László Böszörményi gcs at moszumanska.debian.org
Thu Jun 1 22:18:58 UTC 2017


Author: gcs
Date: 2017-06-01 22:18:58 +0000 (Thu, 01 Jun 2017)
New Revision: 52213

Modified:
   data/CVE/list
Log:
Add fixed versions for CVE-2016-10095, CVE-2017-9147/tiff, #850316, #863185


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-01 21:37:24 UTC (rev 52212)
+++ data/CVE/list	2017-06-01 22:18:58 UTC (rev 52213)
@@ -667,7 +667,7 @@
 	NOTE: http://freeradius.org/security.html#session-resumption-2017
 	NOTE: https://anonscm.debian.org/cgit/pkg-freeradius/freeradius.git/commit/?id=8d681449aa95ee4388b5e3c266bdb070a264f563
 CVE-2017-9147 (LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in ...)
-	- tiff <unfixed> (bug #863185)
+	- tiff 4.0.8-2 (bug #863185)
 	[stretch] - tiff <no-dsa> (Minor issue)
 	[jessie] - tiff <no-dsa> (Minor issue)
 	[wheezy] - tiff <not-affected> (Not reproducible, fixed by former update)
@@ -13333,7 +13333,7 @@
 CVE-2017-4955
 	RESERVED
 CVE-2016-10095 (Stack-based buffer overflow in the _TIFFVGetField function in ...)
-	- tiff <unfixed> (bug #850316)
+	- tiff 4.0.8-2 (bug #850316)
 	NOTE: This is a duplicate of CVE-2015-7554, both were reported against tiffsplit
 	NOTE: While the _TIFFVGetField function is a generic function, CVE IDs seem to be
 	NOTE: assigned per tool using it, so CVE-2015-7554/CVE-2016-10095 refers to the




More information about the Secure-testing-commits mailing list