[Secure-testing-commits] r52947 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jun 27 12:31:10 UTC 2017
Author: carnil
Date: 2017-06-27 12:31:10 +0000 (Tue, 27 Jun 2017)
New Revision: 52947
Modified:
data/CVE/list
Log:
Add bug reporte for CVE-2017-9935/tiff, #866109
Remove Note about unreproducibility. Both 4.0.8-2 and as well testing
against
2017-06-26 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_jbig.c: fix memory leak in error code path of JBIGDecode()
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2706
Reported by team OWL337
exercises the problem with all four provided reproducers.
Oder versions have not been checked source-wise for the issue.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-27 11:29:19 UTC (rev 52946)
+++ data/CVE/list 2017-06-27 12:31:10 UTC (rev 52947)
@@ -102,10 +102,9 @@
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2706
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
CVE-2017-9935 (In LibTIFF 4.0.8, there is a heap-based buffer overflow in the ...)
- - tiff <unfixed>
+ - tiff <unfixed> (bug #866109)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2704
- NOTE: Could not reproduce with the latest CVS version
CVE-2017-9934
RESERVED
CVE-2017-9933
More information about the Secure-testing-commits
mailing list