[Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream commit for CVe-2019-6128/tiff

Sat Feb 2 16:45:19 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4c568c3d by Salvatore Bonaccorso at 2019-02-02T16:43:53Z
Add upstream commit for CVe-2019-6128/tiff

- - - - -
401dc588 by Salvatore Bonaccorso at 2019-02-02T16:44:49Z
Update severity for CVE-2019-6128/tiff

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2790,10 +2790,10 @@ CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory lea
 	NOTE: https://github.com/glennrp/libpng/issues/269
 	NOTE: Memory leak in CLI tool, no security impact
 CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory ...)
-	- tiff <unfixed> (bug #921157)
-	[stretch] - tiff <no-dsa> (Minor issue)
-	- tiff3 <removed>
+	- tiff <unfixed> (bug #921157; unimportant)
+	- tiff3 <removed> (unimportant)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2836
+	NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/ae0bed1fe530a82faf2e9ea1775109dbf301a971
 CVE-2019-6127 (An issue was discovered in XiaoCms 20141229. It allows ...)
 	NOT-FOR-US: XiaoCms
 CVE-2019-6126 (The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9032c8514a994d2eefd7a275d2532fe1fad48fde...401dc58818d787baa125310754fc2fb99cc29023

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9032c8514a994d2eefd7a275d2532fe1fad48fde...401dc58818d787baa125310754fc2fb99cc29023
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190202/2fa1df42/attachment-0001.html>
