[Secure-testing-commits] r57182 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Oct 31 21:52:24 UTC 2017
Author: jmm
Date: 2017-10-31 21:52:24 +0000 (Tue, 31 Oct 2017)
New Revision: 57182
Modified:
data/CVE/list
Log:
two openjpeg issues n/a for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-31 21:41:42 UTC (rev 57181)
+++ data/CVE/list 2017-10-31 21:52:24 UTC (rev 57182)
@@ -5858,6 +5858,7 @@
NOTE: to not make openjpeg2 vulnerable to CVE-2017-14164.
CVE-2017-14151 (An off-by-one error was discovered in ...)
- openjpeg2 2.3.0-1 (bug #874430)
+ [jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, see #874430)
NOTE: https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/
NOTE: https://github.com/uclouvain/openjpeg/commit/afb308b9ccbe129608c9205cf3bb39bbefad90b9
NOTE: https://github.com/uclouvain/openjpeg/issues/982
@@ -6900,6 +6901,7 @@
NOTE: https://github.com/uclouvain/openjpeg/issues/792
CVE-2016-10504 (Heap-based buffer overflow vulnerability in the opj_mqc_byteout ...)
- openjpeg2 2.2.0-1 (bug #874113)
+ [jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, see #874113)
NOTE: https://github.com/uclouvain/openjpeg/commit/397f62c0a838e15d667ef50e27d5d011d2c79c04
NOTE: https://github.com/uclouvain/openjpeg/issues/835
CVE-2017-13753
More information about the Secure-testing-commits
mailing list