[Secure-testing-commits] r50027 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Mar 25 05:36:36 UTC 2017


Author: carnil
Date: 2017-03-25 05:36:36 +0000 (Sat, 25 Mar 2017)
New Revision: 50027

Modified:
   data/CVE/list
Log:
Add CVE-2016-10269/tiff

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-25 05:34:36 UTC (rev 50026)
+++ data/CVE/list	2017-03-25 05:36:36 UTC (rev 50027)
@@ -17,7 +17,10 @@
 CVE-2016-10270 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
 	TODO: check
 CVE-2016-10269 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
-	TODO: check
+	- tiff 4.0.7-2
+	NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
+	NOTE: https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86
+	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2604
 CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...)
 	- tiff 4.0.7-2
 	NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/




More information about the Secure-testing-commits mailing list