[Secure-testing-commits] r58120 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Wed Nov 29 15:39:30 UTC 2017
Author: agx
Date: 2017-11-29 15:39:30 +0000 (Wed, 29 Nov 2017)
New Revision: 58120
Modified:
data/CVE/list
Log:
CVE-2017-12596: link to upstream fix
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-29 15:22:09 UTC (rev 58119)
+++ data/CVE/list 2017-11-29 15:39:30 UTC (rev 58120)
@@ -14602,6 +14602,7 @@
CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...)
- openexr <unfixed> (bug #877352)
NOTE: https://github.com/openexr/openexr/issues/238
+ NOTE: Upstream fix https://github.com/openexr/openexr/commit/f09f5f26c1924c4f7e183428ca79c9881afaf53c
CVE-2017-12595 (The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and ...)
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list