[Secure-testing-commits] r57182 - data/CVE

Moritz Muehlenhoff Tue, 31 Oct 2017 14:52:39 -0700

Author: jmm
Date: 2017-10-31 21:52:24 +0000 (Tue, 31 Oct 2017)
New Revision: 57182


Modified:
   data/CVE/list
Log:
two openjpeg issues n/a for jessie


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-31 21:41:42 UTC (rev 57181)
+++ data/CVE/list       2017-10-31 21:52:24 UTC (rev 57182)
@@ -5858,6 +5858,7 @@
        NOTE: to not make openjpeg2 vulnerable to CVE-2017-14164.
 CVE-2017-14151 (An off-by-one error was discovered in ...)
        - openjpeg2 2.3.0-1 (bug #874430)
+       [jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, 
see #874430)
        NOTE: 
https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/afb308b9ccbe129608c9205cf3bb39bbefad90b9
        NOTE: https://github.com/uclouvain/openjpeg/issues/982
@@ -6900,6 +6901,7 @@
        NOTE: https://github.com/uclouvain/openjpeg/issues/792
 CVE-2016-10504 (Heap-based buffer overflow vulnerability in the 
opj_mqc_byteout ...)
        - openjpeg2 2.2.0-1 (bug #874113)
+       [jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, 
see #874113)
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/397f62c0a838e15d667ef50e27d5d011d2c79c04
        NOTE: https://github.com/uclouvain/openjpeg/issues/835
 CVE-2017-13753


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57182 - data/CVE

Reply via email to