[Secure-testing-commits] r45589 - data/CVE

Tue, 25 Oct 2016 07:32:54 -0700 

Author: hertzog
Date: 2016-10-25 14:31:47 +0000 (Tue, 25 Oct 2016)
New Revision: 45589

Modified:
   data/CVE/list
Log:
Mark CVE-2016-5315/CVE-2016-5316/CVE-2016-5317 as fixed in unstable with 
version 4.0.6-2

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-25 14:31:25 UTC (rev 45588)
+++ data/CVE/list       2016-10-25 14:31:47 UTC (rev 45589)
@@ -11220,11 +11220,11 @@
 CVE-2016-5317 [GNOME nautilus: crash occurs when generating a thumbnail for a 
crafted TIFF image]
        RESERVED
        {DLA-610-1 DLA-606-1}
-       - tiff <unfixed>
+       - tiff 4.0.6-2 (bug #830700)
        - tiff3 <removed>
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2557
        NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=653
-       NOTE: Upstream marked this duplicate of bug 2554
+       NOTE: Upstream marked this duplicate of bug 
http://bugzilla.maptools.org/show_bug.cgi?id=2554
 CVE-2016-5316 [tif_pixarlog.c: PixarLogCleanup() Segmentation fault]
        RESERVED
        {DLA-610-1 DLA-606-1}
@@ -11232,17 +11232,17 @@
        - tiff3 <removed>
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2556
        NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=656
-       NOTE: Upstream fix 
https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
+       NOTE: Upstream marked this duplicate of bug 
http://bugzilla.maptools.org/show_bug.cgi?id=2554
 CVE-2016-5315 [tif_dir.c: setByteArray() Read access violation]
        RESERVED
        {DLA-610-1 DLA-606-1}
-       - tiff <unfixed>
+       - tiff 4.0.6-2 (bug #830700)
        - tiff3 <removed>
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2555
        NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=655
        NOTE: Possible duplicate with PixarLogDecode() issue
        NOTE:  http://bugzilla.maptools.org/show_bug.cgi?id=2555#c2
-       NOTE: Upstream marked this duplicate of bug 2554
+       NOTE: Upstream marked this duplicate of 
http://bugzilla.maptools.org/show_bug.cgi?id=2554
 CVE-2016-5314 [PixarLogDecode() out-of-bound writes]
        RESERVED
        {DLA-610-1 DLA-606-1}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to