[Secure-testing-commits] r52936 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jun 27 04:36:25 UTC 2017
Author: carnil
Date: 2017-06-27 04:36:24 +0000 (Tue, 27 Jun 2017)
New Revision: 52936
Modified:
data/CVE/list
Log:
Add CVE-2017-9936/tiff
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-27 04:36:14 UTC (rev 52935)
+++ data/CVE/list 2017-06-27 04:36:24 UTC (rev 52936)
@@ -37,7 +37,10 @@
NOTE: to see this as an issue in libjbig itself.
TODO: wait for futher development on upstream
CVE-2017-9936 (In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF ...)
- TODO: check
+ - tiff <unfixed>
+ - tiff3 <removed>
+ NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2706
+ NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
CVE-2017-9935 (In LibTIFF 4.0.8, there is a heap-based buffer overflow in the ...)
TODO: check
CVE-2017-9934
More information about the Secure-testing-commits
mailing list