Author: jmm Date: 2017-01-13 16:01:09 +0000 (Fri, 13 Jan 2017) New Revision: 47983
Modified: data/CVE/list Log: remove no-dsa entries for some issues which got fixed along the DSA Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-13 15:55:31 UTC (rev 47982) +++ data/CVE/list 2017-01-13 16:01:09 UTC (rev 47983) @@ -13304,7 +13304,6 @@ RESERVED {DLA-716-1} - tiff 4.0.7-1 (bug #844057) - [jessie] - tiff <no-dsa> (Minor issue) - tiff3 <removed> [wheezy] - tiff3 <not-affected> (Tools not shipped by tiff3) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2592 @@ -26111,7 +26110,6 @@ RESERVED {DLA-610-1 DLA-606-1} - tiff 4.0.7-1 - [jessie] - tiff <no-dsa> (Minor issue) - tiff3 <removed> (unimportant) NOTE: src:tiff3: built binary packages do not contain the TIFF tools NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2560 @@ -30951,7 +30949,6 @@ CVE-2016-3991 (Heap-based buffer overflow in the loadImage function in the tiffcrop ...) {DLA-610-1 DLA-606-1} - tiff 4.0.7-1 - [jessie] - tiff <no-dsa> (Minor issue) - tiff3 <removed> (unimportant) NOTE: src:tiff3: built binary packages do not contain the TIFF tools NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2543 @@ -30959,7 +30956,6 @@ CVE-2016-3990 (Heap-based buffer overflow in the horizontalDifference8 function in ...) {DLA-610-1} - tiff 4.0.7-1 (bug #836570) - [jessie] - tiff <no-dsa> (Minor issue) [wheezy] - tiff <no-dsa> (Minor issue) - tiff3 <removed> (unimportant) NOTE: src:tiff3: built binary packages do not contain the TIFF tools @@ -31184,7 +31180,6 @@ CVE-2016-3945 (Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile ...) {DLA-610-1} - tiff 4.0.7-1 - [jessie] - tiff <no-dsa> (Minor issue) [wheezy] - tiff <no-dsa> (Minor issue) - tiff3 <removed> (unimportant) NOTE: src:tiff3: built binary packages do not contain the TIFF tools @@ -32051,14 +32046,12 @@ RESERVED CVE-2016-3625 (tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows ...) - tiff <unfixed> - [jessie] - tiff <no-dsa> (Minor issue) [wheezy] - tiff <no-dsa> (Minor issue) - tiff3 <removed> [wheezy] - tiff3 <not-affected> (Does not ship libtiff tools) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2566 CVE-2016-3624 (The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and ...) - tiff 4.0.6-3 - [jessie] - tiff <no-dsa> (Minor issue) [wheezy] - tiff <no-dsa> (Minor issue) - tiff3 <not-affected> (tiff tools not built) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2568 @@ -32071,7 +32064,6 @@ NOTE: No security impact, just triggers a crash in a CLI tool CVE-2016-3622 (The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF ...) - tiff 4.0.7-1 (low; bug #820365) - [jessie] - tiff <no-dsa> (Minor issue) [wheezy] - tiff <no-dsa> (Minor issue) - tiff3 <not-affected> (tiff tools not built) NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/4 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits