[Secure-testing-commits] r51809 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 22 04:31:56 UTC 2017
Author: carnil
Date: 2017-05-22 04:31:56 +0000 (Mon, 22 May 2017)
New Revision: 51809
Modified:
data/CVE/list
Log:
Add CVE-2017-9117/tiff
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-22 04:29:30 UTC (rev 51808)
+++ data/CVE/list 2017-05-22 04:31:56 UTC (rev 51809)
@@ -5,7 +5,10 @@
CVE-2017-9118
RESERVED
CVE-2017-9117 (In LibTIFF 4.0.7, the program processes BMP images without verifying ...)
- TODO: check
+ - tiff <unfixed> (unimportant)
+ - tiff3 <removed>
+ NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2690
+ NOTE: bmp2tiff utility removed in 4.0.6-3 and 4.0.3-12.3+deb8u2
CVE-2017-9116 (In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function ...)
TODO: check
CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function ...)
More information about the Secure-testing-commits
mailing list