[Secure-testing-commits] r58120 - data/CVE

Guido Guenther Wed, 29 Nov 2017 07:40:06 -0800

Author: agx
Date: 2017-11-29 15:39:30 +0000 (Wed, 29 Nov 2017)
New Revision: 58120


Modified:
   data/CVE/list
Log:
CVE-2017-12596: link to upstream fix

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-29 15:22:09 UTC (rev 58119)
+++ data/CVE/list       2017-11-29 15:39:30 UTC (rev 58120)
@@ -14602,6 +14602,7 @@
 CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer 
over-read ...)
        - openexr <unfixed> (bug #877352)
        NOTE: https://github.com/openexr/openexr/issues/238
+       NOTE: Upstream fix 
https://github.com/openexr/openexr/commit/f09f5f26c1924c4f7e183428ca79c9881afaf53c
 CVE-2017-12595 (The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays 
and ...)
        - qpdf 7.0.0-1
        [stretch] - qpdf <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r58120 - data/CVE

Reply via email to