Author: jmm Date: 2016-03-16 20:42:22 +0000 (Wed, 16 Mar 2016) New Revision: 40418
Modified: data/CVE/list Log: three openjpeg issues CVEfied remove non-issue Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-03-16 17:48:52 UTC (rev 40417) +++ data/CVE/list 2016-03-16 20:42:22 UTC (rev 40418) @@ -195,16 +195,16 @@ [jessie] - flashrom <no-dsa> (Minor issue) [wheezy] - flashrom <no-dsa> (Minor issue) NOTE: https://www.flashrom.org/pipermail/flashrom/2016-March/014523.html -CVE-2016-XXXX [Out-Of-Bounds Read in sycc422_to_rgb function] +CVE-2016-3183 [Out-Of-Bounds Read in sycc422_to_rgb function] - openjpeg2 <unfixed> NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/14/14 NOTE: https://github.com/uclouvain/openjpeg/issues/726 -CVE-2016-XXXX [Heap Corruption in opj_free function] +CVE-2016-3182 [Heap Corruption in opj_free function] - openjpeg2 <unfixed> NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/14/13 NOTE: https://github.com/uclouvain/openjpeg/issues/725 TODO: check, possibly as well src:openjpeg -CVE-2016-XXXX [Out-Of-Bounds Read in opj_tcd_free_tile function] +CVE-2016-3181 [Out-Of-Bounds Read in opj_tcd_free_tile function] - openjpeg2 <unfixed> NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/14/12 NOTE: https://github.com/uclouvain/openjpeg/issues/724 @@ -2253,10 +2253,6 @@ RESERVED CVE-2015-8814 RESERVED -CVE-2016-XXXX [open redirect] - - graphite-web <unfixed> - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/17/7 - NOTE: https://github.com/graphite-project/graphite-web/issues/1441 CVE-2016-2392 [usb: null pointer dereference in remote NDIS control message handling] RESERVED - qemu <unfixed> (bug #815008) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits