Author: hertzog Date: 2017-03-28 13:39:43 +0000 (Tue, 28 Mar 2017) New Revision: 50129
Modified: data/CVE/list Log: Mark CVE-2016-10268 as not affecting tiff3 in wheezy Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-03-28 13:16:56 UTC (rev 50128) +++ data/CVE/list 2017-03-28 13:39:43 UTC (rev 50129) @@ -254,6 +254,7 @@ CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...) - tiff 4.0.7-2 - tiff3 <removed> + [wheezy] - tiff3 <not-affected> (issue in tiffcp that is not shipped by the source package) NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/ NOTE: https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2598 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits