Author: nluedtke-guest
Date: 2016-09-21 18:22:33 +0000 (Wed, 21 Sep 2016)
New Revision: 44803

Modified:
   data/CVE/list
Log:
Mark openjpeg removed in CVE-2016-4796

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-09-21 18:22:22 UTC (rev 44802)
+++ data/CVE/list       2016-09-21 18:22:33 UTC (rev 44803)
@@ -11751,7 +11751,9 @@
 CVE-2016-4796 [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of 
color.c]
        RESERVED
        - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
-       - openjpeg <not-affected> (Vulnerable code not present)
+       - openjpeg <removed>
+       [jessie] - openjpeg <not-affected> (Vulnerable code not present)
+       [wheezy] - openjpeg <not-affected> (Vulnerable code not present)
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
 CVE-2016-4797 [OpenJPEG division-by-zero in function opj_tcd_init_tile of 
tcd.c]
        RESERVED
@@ -21478,7 +21480,6 @@
        [squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze 
LTS)
 CVE-2016-1626 (The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as 
used in ...)
        {DSA-3486-1}
-       - openjpeg2 <undetermined>
        - openjpeg <removed>
        [jessie] - openjpeg <not-affected> (Vulnerable code introduced later)
        [wheezy] - openjpeg <not-affected> (Vulnerable code introduced later)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to