[Secure-testing-commits] r57350 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 5 19:35:53 UTC 2017
Author: carnil
Date: 2017-11-05 19:35:53 +0000 (Sun, 05 Nov 2017)
New Revision: 57350
Modified:
data/CVE/list
Log:
Add more information for CVE-2015-1239
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-05 19:24:43 UTC (rev 57349)
+++ data/CVE/list 2017-11-05 19:35:53 UTC (rev 57350)
@@ -100326,10 +100326,14 @@
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
CVE-2015-1239 (Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...)
- - openjpeg2 <unfixed>
+ - openjpeg2 2.1.1-1
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=430891
NOTE: https://github.com/uclouvain/openjpeg/issues/477
- TODO: check
+ NOTE: The issue must have been fixed in one of the commits before or with
+ NOTE: https://github.com/uclouvain/openjpeg/commit/2d24b6000d5611615e3e6d799e20d5fdbe4e2a1e
+ NOTE: which corresponds to the r2997 commit as mentioned in the merge which
+ NOTE: fixed the issue on Google/PDFium's side.
+ TODO: check, find exact commit
CVE-2015-1238 (Skia, as used in Google Chrome before 42.0.2311.90, allows remote ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
More information about the Secure-testing-commits
mailing list