[Secure-testing-commits] r23520 - data/CVE

Arne Wichmann Mon, 02 Sep 2013 13:48:07 -0700

Author: aw-guest
Date: 2013-09-02 20:47:11 +0000 (Mon, 02 Sep 2013)
New Revision: 23520


Modified:
   data/CVE/list
Log:
CVE-2013-1961 - tiff3 not affected


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-09-02 14:42:20 UTC (rev 23519)
+++ data/CVE/list       2013-09-02 20:47:11 UTC (rev 23520)
@@ -9050,8 +9050,9 @@
 CVE-2013-1961 (Stack-based buffer overflow in the t2p_write_pdf_page function 
in ...)
        {DSA-2698-1}
        - tiff 4.0.2-6+nmu1 (bug #706674)
-       - tiff3 3.9.7-1 (bug #712840)
+       - tiff3 <not-affected> (bug #712840)
        [wheezy] - tiff3 <no-dsa> (the changes that effect the library are just 
hardening, converting uses of sprintf to snprintf. those can be rolled into the 
next tiff3 update, but a separate dsa isn't needed)
+       NOTE: The tiff3 package does not include tiff2pdf, so the issue does 
not applyto tiff3.
 CVE-2013-1960 (Heap-based buffer overflow in the tp_process_jpeg_strip 
function in ...)
        {DSA-2698-1}
        - tiff 4.0.2-6+nmu1 (bug #706675)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r23520 - data/CVE

Reply via email to