[Secure-testing-commits] r56757 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Oct 16 14:40:41 UTC 2017
Author: jmm
Date: 2017-10-16 14:40:41 +0000 (Mon, 16 Oct 2017)
New Revision: 56757
Modified:
data/CVE/list
Log:
classic libjpeg n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-16 14:04:46 UTC (rev 56756)
+++ data/CVE/list 2017-10-16 14:40:41 UTC (rev 56757)
@@ -382,11 +382,12 @@
RESERVED
CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and ...)
- libjpeg-turbo <unfixed> (low; bug #878567)
- - libjpeg6b <unfixed>
- - libjpeg8 <removed>
- - libjpeg9 <unfixed>
+ - libjpeg6b <not-affected> (Vulnerable code not present)
+ - libjpeg8 <not-affected> (Vulnerable code not present)
+ - libjpeg9 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
NOTE: https://github.com/mozilla/mozjpeg/issues/268
+ NOTE: IJG libjpeg releases not affected, see https://lists.debian.org/debian-lts/2017/10/msg00061.html
CVE-2017-15231
RESERVED
CVE-2017-15230
More information about the Secure-testing-commits
mailing list