[Secure-testing-commits] r52947 - data/CVE

Salvatore Bonaccorso Tue, 27 Jun 2017 05:31:25 -0700

Author: carnil
Date: 2017-06-27 12:31:10 +0000 (Tue, 27 Jun 2017)
New Revision: 52947


Modified:
   data/CVE/list
Log:
Add bug reporte for CVE-2017-9935/tiff, #866109

Remove Note about unreproducibility. Both 4.0.8-2 and as well testing
against

2017-06-26  Even Rouault <even.rouault at spatialys.com>

        * libtiff/tif_jbig.c: fix memory leak in error code path of JBIGDecode()
        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2706
        Reported by team OWL337

exercises the problem with all four provided reproducers.

Oder versions have not been checked source-wise for the issue.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-27 11:29:19 UTC (rev 52946)
+++ data/CVE/list       2017-06-27 12:31:10 UTC (rev 52947)
@@ -102,10 +102,9 @@
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2706
        NOTE: Fixed by: 
https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
 CVE-2017-9935 (In LibTIFF 4.0.8, there is a heap-based buffer overflow in the 
...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #866109)
        - tiff3 <removed>
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2704
-       NOTE: Could not reproduce with the latest CVS version
 CVE-2017-9934
        RESERVED
 CVE-2017-9933


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r52947 - data/CVE

Reply via email to