[Secure-testing-commits] r55795 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 15 20:54:15 UTC 2017
Author: carnil
Date: 2017-09-15 20:54:15 +0000 (Fri, 15 Sep 2017)
New Revision: 55795
Modified:
data/CVE/list
Log:
CVE-2017-14348: mark for now again as unfixed
Note for reviewers: The problematic code is at least present
0.18.2-2. Needs double-check.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-15 20:53:58 UTC (rev 55794)
+++ data/CVE/list 2017-09-15 20:54:15 UTC (rev 55795)
@@ -349,7 +349,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4
CVE-2017-14348 (LibRaw before 0.18.4 has a heap-based Buffer Overflow in the ...)
- - libraw <not-affected> (Vulnerable code introduced later)
+ - libraw <unfixed>
NOTE: https://github.com/LibRaw/LibRaw/issues/100
NOTE: https://github.com/LibRaw/LibRaw/commit/8303e74b0567806dd5f16fc39aab70fe928de1a2
CVE-2017-14340
More information about the Secure-testing-commits
mailing list