[Secure-testing-commits] r50129 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Tue Mar 28 13:39:43 UTC 2017


Author: hertzog
Date: 2017-03-28 13:39:43 +0000 (Tue, 28 Mar 2017)
New Revision: 50129

Modified:
   data/CVE/list
Log:
Mark CVE-2016-10268 as not affecting tiff3 in wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-28 13:16:56 UTC (rev 50128)
+++ data/CVE/list	2017-03-28 13:39:43 UTC (rev 50129)
@@ -254,6 +254,7 @@
 CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...)
 	- tiff 4.0.7-2
 	- tiff3 <removed>
+	[wheezy] - tiff3 <not-affected> (issue in tiffcp that is not shipped by the source package)
 	NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
 	NOTE: https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2598




More information about the Secure-testing-commits mailing list