[Secure-testing-commits] r41691 - data/CVE

Salvatore Bonaccorso Thu, 12 May 2016 21:35:41 -0700

Author: carnil
Date: 2016-05-13 04:35:10 +0000 (Fri, 13 May 2016)
New Revision: 41691


Modified:
   data/CVE/list
Log:
CVE-2016-479{6,7}/OpenJPEG assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-05-12 21:38:36 UTC (rev 41690)
+++ data/CVE/list       2016-05-13 04:35:10 UTC (rev 41691)
@@ -414,12 +414,13 @@
        RESERVED
 CVE-2016-4575
        RESERVED
-CVE-2016-XXXX [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of 
color.c]
+CVE-2016-4796 [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of 
color.c]
        - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
-CVE-2016-XXXX [OpenJPEG division-by-zero in function opj_tcd_init_tile of 
tcd.c]
+CVE-2016-4797 [OpenJPEG division-by-zero in function opj_tcd_init_tile of 
tcd.c]
        - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
+       NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
 CVE-2016-4794 [bpf related UAF]
        - linux <unfixed>
 CVE-2016-4573


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r41691 - data/CVE

Reply via email to