Author: hertzog
Date: 2016-09-13 09:53:08 +0000 (Tue, 13 Sep 2016)
New Revision: 44547
Modified:
data/CVE/list
Log:
Mark CVE-2016-3658/tiff3 as no-dsa for wheezy
The issue is minor and it's unlikely that we can fix this if we can't
get the file to reproduce the issue.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-13 05:18:33 UTC (rev 44546)
+++ data/CVE/list 2016-09-13 09:53:08 UTC (rev 44547)
@@ -14155,7 +14155,9 @@
[jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <removed> (low)
+ [wheezy] - tiff3 <no-dsa> (Minor issue and tiffset uses libtiff5 from
tiff and not libtiff4 from tiff3)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2546
+ NOTE: I can't find the file to reproduce the crash --Raphael Hertzog
CVE-2016-3657 (Buffer overflow in the GlobalProtect Portal in Palo Alto
Networks ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2016-3656 (The GlobalProtect Portal in Palo Alto Networks PAN-OS before
5.0.18, ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
