Author: mgilbert
Date: 2013-07-03 00:52:04 +0000 (Wed, 03 Jul 2013)
New Revision: 22828
Modified:
data/CVE/list
Log:
use no-dsa for tiff3 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-03 00:44:59 UTC (rev 22827)
+++ data/CVE/list 2013-07-03 00:52:04 UTC (rev 22828)
@@ -6594,8 +6594,8 @@
RESERVED
{DSA-2698-1}
- tiff 4.0.2-6+nmu1 (bug #706674)
- - tiff3 3.9.7-1 (unimportant; bug #712840)
- NOTE: the changes that effect the library are just hardening,
converting uses of sprintf to snprintf. for wheezy those can be rolled into
the next tiff3 update, but a separate dsa isn't needed
+ - tiff3 3.9.7-1 (bug #712840)
+ [wheezy] - tiff3 <no-dsa> (the changes that effect the library are just
hardening, converting uses of sprintf to snprintf. those can be rolled into the
next tiff3 update, but a separate dsa isn't needed)
CVE-2013-1960 [libtiff-tools: Heap-based buffer overflow in
t2_process_jpeg_strip]
RESERVED
{DSA-2698-1}
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
