[Git][security-tracker-team/security-tracker][master] CVE-2016-8884,CVE-2016-8885,jasper: Link to fixing commits.

Markus Koschany apo at debian.org
Tue Nov 20 12:02:50 GMT 2018 

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d662fb1d by Markus Koschany at 2018-11-20T12:02:14Z
CVE-2016-8884,CVE-2016-8885,jasper: Link to fixing commits.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -106498,9 +106498,11 @@ CVE-2016-XXXX [sendmail: Privilege escalation from group smmsp to root]
 CVE-2016-8885 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before ...)
 	- jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied)
 	NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
+	NOTE: Fixed by https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698
 CVE-2016-8884 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 ...)
 	- jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied)
 	NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
+	NOTE: Fixed by https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698
 CVE-2016-8883 (The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 ...)
 	{DLA-739-1}
 	- jasper <removed> (unimportant)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d662fb1db12cb5d2e5e3156d339bb67f8dec1d1b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d662fb1db12cb5d2e5e3156d339bb67f8dec1d1b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181120/5c7efb09/attachment.html>

More information about the debian-security-tracker-commits mailing list