Author: jmm
Date: 2017-01-13 16:01:09 +0000 (Fri, 13 Jan 2017)
New Revision: 47983
Modified:
data/CVE/list
Log:
remove no-dsa entries for some issues which got fixed along the DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-13 15:55:31 UTC (rev 47982)
+++ data/CVE/list 2017-01-13 16:01:09 UTC (rev 47983)
@@ -13304,7 +13304,6 @@
RESERVED
{DLA-716-1}
- tiff 4.0.7-1 (bug #844057)
- [jessie] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Tools not shipped by tiff3)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2592
@@ -26111,7 +26110,6 @@
RESERVED
{DLA-610-1 DLA-606-1}
- tiff 4.0.7-1
- [jessie] - tiff <no-dsa> (Minor issue)
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2560
@@ -30951,7 +30949,6 @@
CVE-2016-3991 (Heap-based buffer overflow in the loadImage function in the
tiffcrop ...)
{DLA-610-1 DLA-606-1}
- tiff 4.0.7-1
- [jessie] - tiff <no-dsa> (Minor issue)
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2543
@@ -30959,7 +30956,6 @@
CVE-2016-3990 (Heap-based buffer overflow in the horizontalDifference8
function in ...)
{DLA-610-1}
- tiff 4.0.7-1 (bug #836570)
- [jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
@@ -31184,7 +31180,6 @@
CVE-2016-3945 (Multiple integer overflows in the (1) cvt_by_strip and (2)
cvt_by_tile ...)
{DLA-610-1}
- tiff 4.0.7-1
- [jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
@@ -32051,14 +32046,12 @@
RESERVED
CVE-2016-3625 (tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier
allows ...)
- tiff <unfixed>
- [jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Does not ship libtiff tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2566
CVE-2016-3624 (The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6
and ...)
- tiff 4.0.6-3
- [jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <not-affected> (tiff tools not built)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2568
@@ -32071,7 +32064,6 @@
NOTE: No security impact, just triggers a crash in a CLI tool
CVE-2016-3622 (The fpAcc function in tif_predict.c in the tiff2rgba tool in
LibTIFF ...)
- tiff 4.0.7-1 (low; bug #820365)
- [jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
- tiff3 <not-affected> (tiff tools not built)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/4
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
