[Git][security-tracker-team/security-tracker][master] 2 commits: Correct distribution name from previous commit.

Chris Lamb lamby at debian.org
Mon Jul 23 04:16:30 BST 2018


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
676b71d7 by Chris Lamb at 2018-07-23T11:16:00+08:00
Correct distribution name from previous commit.

- - - - -
4c256355 by Chris Lamb at 2018-07-23T11:16:12+08:00
Triage CVE-2017-14989, CVE-2017-12597, CVE-2017-9116, CVE-2017-9115, CVE-2017-9114, CVE-2017-9113, CVE-2017-9112, CVE-2017-9111 & CVE-2017-9110 (openexr) for jessie.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -521,7 +521,7 @@ CVE-2018-14338 (samples/geotag.cpp in the example code of Exiv2 0.26 misuses the
 CVE-2018-14337 (The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 ...)
 	- mruby <unfixed> (bug #903985)
 	[stretch] - mruby <no-dsa> (Minor issue)
-	[wheezy] - mruby <no-dsa> (Minor issue)
+	[jessie] - mruby <no-dsa> (Minor issue)
 	NOTE: https://github.com/mruby/mruby/issues/4062
 	NOTE: https://github.com/mruby/mruby/commit/695f29cd604787f43be1af16e38d13610bf8312b
 	NOTE: https://github.com/mruby/mruby/commit/adb1eae912659d680a9c5b7832e22cf73d36a69a
@@ -46323,6 +46323,7 @@ CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in .
 CVE-2017-14988 (Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote ...)
 	- openexr <unfixed> (bug #878551)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <postponed> (Should be fixed along in future update)
 	NOTE: https://github.com/openexr/openexr/issues/248
 CVE-2017-14987
@@ -53675,6 +53676,7 @@ CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has an 
 CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...)
 	- openexr 2.2.0-11.1 (bug #877352)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr 1.6.1-6+deb7u1
 	NOTE: https://github.com/openexr/openexr/issues/238
 	NOTE: Upstream fix https://github.com/openexr/openexr/commit/f09f5f26c1924c4f7e183428ca79c9881afaf53c
@@ -64078,23 +64080,27 @@ CVE-2017-9116 (In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress fun
 	{DLA-1083-1}
 	- openexr 2.2.0-11.1 (bug #864078)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function ...)
 	- openexr <unfixed> (bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ...)
 	- openexr <unfixed> (bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9113 (In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...)
 	- openexr <unfixed> (bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
@@ -64102,11 +64108,13 @@ CVE-2017-9112 (In OpenEXR 2.2.0, an invalid read of size 1 in the getBits functi
 	{DLA-1083-1}
 	- openexr 2.2.0-11.1 (bug #864078)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9111 (In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ...)
 	- openexr <unfixed> (bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
@@ -64114,6 +64122,7 @@ CVE-2017-9110 (In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode func
 	{DLA-1083-1}
 	- openexr 2.2.0-11.1 (bug #864078)
 	[stretch] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9109



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4d5c6999ff623547557ec39bdd61089c1b17b383...4c256355c51a3c149ae950bafe34bc31b0a2a456

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4d5c6999ff623547557ec39bdd61089c1b17b383...4c256355c51a3c149ae950bafe34bc31b0a2a456
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180723/a43f20ed/attachment.html>


More information about the debian-security-tracker-commits mailing list