Author: jmm
Date: 2017-04-25 17:49:25 +0000 (Tue, 25 Apr 2017)
New Revision: 51039
Modified:
data/CVE/list
Log:
remove on tiff no-dsa, add patch refs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-25 17:47:48 UTC (rev 51038)
+++ data/CVE/list 2017-04-25 17:49:25 UTC (rev 51039)
@@ -1490,12 +1490,14 @@
- tiff 4.0.7-6 (bug #860000)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2651
+ NOTE:
https://github.com/vadz/libtiff/commit/d60332057b9575ada4f264489582b13e30137be1
CVE-2017-7592 (The putagreytile function in tif_getimage.c in LibTIFF 4.0.7
has a ...)
{DLA-911-1}
- tiff 4.0.7-6 (bug #859998)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2658
+ NOTE:
https://github.com/vadz/libtiff/commit/48780b4fcc425cddc4ef8ffdf536f96a0d1b313b
CVE-2017-7617 (Remote code execution can occur in Asterisk Open Source 13.x
before ...)
- asterisk 1:13.14.1~dfsg-1 (bug #859910)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
@@ -41143,7 +41145,6 @@
NOTE: Requires authenticated user
CVE-2016-3658 (The TIFFWriteDirectoryTagLongLong8Array function in
tif_dirwrite.c in ...)
- tiff 4.0.6-3 (low)
- [jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <removed> (low)
[wheezy] - tiff3 <not-affected> (Does not ship libtiff tools)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
