Author: carnil Date: 2017-01-16 20:27:11 +0000 (Mon, 16 Jan 2017) New Revision: 48113
Modified: data/CVE/list Log: Update status for CVE-2016-888{0,1}/jasper Requested by Tomas Hoger from Red Hat to be rejected as duplicates of CVE-2011-451{6,7}. Keep fixing version and notes until that happened to at least track the correct "fixing version". Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-16 20:18:49 UTC (rev 48112) +++ data/CVE/list 2017-01-16 20:27:11 UTC (rev 48113) @@ -15018,14 +15018,14 @@ NOTE: https://github.com/mdadams/jasper/commit/69a1439a5381e42b06ec6a06ed2675eb793babee (version-1.900.8) CVE-2016-8881 [Heap overflow in jpc_getuint16()] RESERVED - - jasper <removed> - [wheezy] - jasper <no-dsa> (no patch available for just this issue) + - jasper 1.900.1-13 NOTE: https://github.com/mdadams/jasper/issues/29 + NOTE: Duplicate of CVE-2011-4517, cf https://github.com/mdadams/jasper/issues/29#issuecomment-267322934 CVE-2016-8880 [Heap overflow in jpc_dec_cp_setfromcox()] RESERVED - - jasper <removed> - [wheezy] - jasper <no-dsa> (no patch available for just this issue) + - jasper 1.900.1-13 NOTE: https://github.com/mdadams/jasper/issues/28 + NOTE: Duplicate of CVE-2011-4516, cf https://github.com/mdadams/jasper/issues/28#issuecomment-267053875 CVE-2016-8866 [memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)] RESERVED {DLA-756-1} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits