Author: fgeek-guest Date: 2016-09-05 15:38:22 +0000 (Mon, 05 Sep 2016) New Revision: 44344
Modified: data/CVE/list Log: CVE-2015-8668/tiff Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-09-05 15:34:40 UTC (rev 44343) +++ data/CVE/list 2016-09-05 15:38:22 UTC (rev 44344) @@ -19872,7 +19872,8 @@ - tiff3 <removed> NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2563 NOTE: Red Hat say it's only OOB read: https://bugzilla.redhat.com/show_bug.cgi?id=1294425#c1 - NOTE: Red Hat's patch is partially incorrect according to upstream. Issue was also marked as wontfix. + NOTE: Red Hat's patch is partially incorrect according to upstream + NOTE: Issue was also marked as wontfix, because bmp2tiff utility has been removed NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2563#c4 CVE-2015-8683 (The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 ...) {DSA-3467-1 DLA-610-1 DLA-402-1} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits