[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add part 2 of patch for CVE-2017-11613

Brian May bam at debian.org
Sun Mar 18 00:51:54 UTC 2018


Brian May pushed to branch master at Debian Security Tracker / security-tracker


Commits:
94061894 by Brian May at 2018-03-18T11:50:06+11:00
Add part 2 of patch for CVE-2017-11613

Upstream patch for this was insufficient, added reworked version.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -40033,7 +40033,8 @@ CVE-2017-11613 (In LibTIFF 4.0.8, there is a denial of service vulnerability in 
 	NOTE: https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2724
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1475530
-	NOTE: Upstream fix: https://gitlab.com/libtiff/libtiff/commit/3719385a3fac5cfb20b487619a5f08abbf967cf8
+	NOTE: Upstream fix 1/2: https://gitlab.com/libtiff/libtiff/commit/3719385a3fac5cfb20b487619a5f08abbf967cf8
+	NOTE: Upstream fix 2/2: https://gitlab.com/libtiff/libtiff/commit/7a092f8af2568d61993a8cc2e7a35a998d7d37be
 CVE-2017-11612 (In Joomla! before 3.7.4, inadequate filtering of potentially malicious ...)
 	NOT-FOR-US: Joomla!
 CVE-2016-10401 (ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9406189451ecfe96ca953716a313d22b8abe9538

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9406189451ecfe96ca953716a313d22b8abe9538
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180318/9aafde09/attachment.html>


More information about the Secure-testing-commits mailing list