Author: jmm
Date: 2017-01-12 23:50:19 +0000 (Thu, 12 Jan 2017)
New Revision: 47961
Modified:
data/CVE/list
Log:
libplist no-dsa
two openjpeg2 issues unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-12 23:06:33 UTC (rev 47960)
+++ data/CVE/list 2017-01-12 23:50:19 UTC (rev 47961)
@@ -276,7 +276,8 @@
CVE-2017-5210
RESERVED
CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice
libplist ...)
- - libplist <unfixed> (bug #851196)
+ - libplist <unfixed> (low; bug #851196)
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: Upstream bug:
https://github.com/libimobiledevice/libplist/issues/84
NOTE:
https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
CVE-2017-5205
@@ -11888,14 +11889,16 @@
RESERVED
CVE-2016-9581 [infinite loop in tiftoimage resulting into heap buffer overflow
in convert_32s_C1P1]
RESERVED
- - openjpeg2 <unfixed>
+ - openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/872
NOTE: Fixed by:
https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
+ NOTE: not built into the binary packages
CVE-2016-9580 [integer overflow in tiftoimage resulting into heap buffer
overflow]
RESERVED
- - openjpeg2 <unfixed>
+ - openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/871
NOTE: Fixed by:
https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
+ NOTE: not built into the binary packages
CVE-2016-9579 [RGW server DoS via request with invalid HTTP Origin header]
RESERVED
- ceph 10.2.5-2 (bug #849048)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
