[Secure-testing-commits] r39003 - data/CVE

Salvatore Bonaccorso Mon, 18 Jan 2016 11:06:49 -0800

Author: carnil
Date: 2016-01-18 19:06:22 +0000 (Mon, 18 Jan 2016)
New Revision: 39003


Modified:
   data/CVE/list
Log:
Add two new CVEs for openjpeg2

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-01-18 18:47:27 UTC (rev 39002)
+++ data/CVE/list       2016-01-18 19:06:22 UTC (rev 39003)
@@ -1,6 +1,12 @@
 CVE-2016-XXXX [Multiple minor security issues]
        - imagemagick 8:6.8.9.9-7 (bug #811308)
        TODO: check, needs possibly CVEs
+CVE-2016-1924 [opj_tgt_reset: AddressSanitizer: SEGV on unknown address]
+       - openjpeg2 <unfixed>
+       TODO: check
+CVE-2016-1923 [opj_j2k_update_image_data: AddressSanitizer: 
heap-buffer-overflow READ of size 4]
+       - openjpeg2 <unfixed>
+       TODO: check
 CVE-2016-1920 [VPN Man-in-the-Middle due to shared certificate store on KNOX 
1.0 / Android 4.3]
        NOT-FOR-US: KNOX 1.0 / Android 4.3
 CVE-2016-1919 [Weak eCryptFS Key generation from user password on KNOX 1.0 / 
Android 4.3]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39003 - data/CVE

Reply via email to