Author: carnil
Date: 2015-12-01 18:28:11 +0000 (Tue, 01 Dec 2015)
New Revision: 38014

Modified:
   data/CVE/list
Log:
Add CVE-2015-836{6,7}/libraw

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-12-01 18:21:58 UTC (rev 38013)
+++ data/CVE/list       2015-12-01 18:28:11 UTC (rev 38014)
@@ -18,10 +18,16 @@
        NOT-FOR-US: PHP-Fusion
 CVE-2015-8368
        RESERVED
-CVE-2015-8367
+CVE-2015-8367 [Memory objects are not intialized properly]
        RESERVED
-CVE-2015-8366
+       - libraw <unfixed>
+       NOTE: 
https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
+       TODO: check other copies containing libraw code
+CVE-2015-8366 [ndex overflow in smal_decode_segment]
        RESERVED
+       - libraw <unfixed>
+       NOTE: 
https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
+       TODO: check other copies containing libraw code
 CVE-2015-8365 (The smka_decode_frame function in libavcodec/smacker.c in 
FFmpeg ...)
        - ffmpeg 7:2.8.3-1 (bug #806519)
        [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to