[Secure-testing-commits] r56708 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Oct 14 18:45:13 UTC 2017
Author: carnil
Date: 2017-10-14 18:45:13 +0000 (Sat, 14 Oct 2017)
New Revision: 56708
Modified:
data/CVE/list
Log:
Add remaining source package names for CVE-2017-15232
All contain the problematic code, and all build jdpostct.c. But I have
not done any further check, but rather only this first check to add the
source package names to the entry.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-14 18:29:30 UTC (rev 56707)
+++ data/CVE/list 2017-10-14 18:45:13 UTC (rev 56708)
@@ -200,9 +200,11 @@
RESERVED
CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and ...)
- libjpeg-turbo <unfixed> (low; bug #878567)
+ - libjpeg6b <unfixed>
+ - libjpeg8 <removed>
+ - libjpeg9 <unfixed>
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
NOTE: https://github.com/mozilla/mozjpeg/issues/268
- TODO: check libjpeg6b, libjpeg8 and libjpeg9
CVE-2017-15231
RESERVED
CVE-2017-15230
More information about the Secure-testing-commits
mailing list