Author: jmm Date: 2017-01-13 15:55:31 +0000 (Fri, 13 Jan 2017) New Revision: 47982
Modified: data/CVE/list Log: mark mark dropped tools as unfixed in sid Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-13 15:53:19 UTC (rev 47981) +++ data/CVE/list 2017-01-13 15:55:31 UTC (rev 47982) @@ -26646,7 +26646,7 @@ CVE-2016-5319 [libtiff: PackBitsEncode heap buffer overflow] RESERVED {DLA-693-1} - - tiff <unfixed> (bug #842046) + - tiff 4.0.6-3 (bug #842046) - tiff3 <removed> [jessie] - tiff 4.0.3-12.3+deb8u2 [wheezy] - tiff3 <not-affected> (tools like bmp2tiff not shipped by tiff3 source package) @@ -31997,7 +31997,7 @@ NOT-FOR-US: SAP Netweaver CVE-2016-3634 (The tagCompare function in tif_dirinfo.c in the thumbnail tool in ...) {DLA-693-1} - - tiff <unfixed> + - tiff 4.0.6-3 [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <removed> (unimportant) [wheezy] - tiff3 <not-affected> (Does not ship libtiff tools) @@ -32019,7 +32019,7 @@ NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package CVE-2016-3632 (The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and ...) {DLA-693-1} - - tiff <unfixed> + - tiff 4.0.6-3 [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <removed> (unimportant) [wheezy] - tiff3 <not-affected> (Does not ship libtiff tools) @@ -32078,7 +32078,7 @@ NOTE: Fixed by: https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286 CVE-2016-3621 (The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF ...) {DLA-693-1} - - tiff <unfixed> (low; bug #820364) + - tiff 4.0.6-3 (low; bug #820364) [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <not-affected> (tiff tools not built) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2565 @@ -32087,7 +32087,7 @@ NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package CVE-2016-3620 (The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF ...) {DLA-693-1} - - tiff <unfixed> (low; bug #820363) + - tiff 4.0.6-3 (low; bug #820363) [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <not-affected> (tiff tools not built) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2570 @@ -32096,7 +32096,7 @@ NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package CVE-2016-3619 (The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in ...) {DLA-693-1} - - tiff <unfixed> (low; bug #820362) + - tiff 4.0.6-3 (low; bug #820362) [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <not-affected> (tiff tools not built) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2567 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits