[Secure-testing-commits] r47982 - data/CVE

Fri, 13 Jan 2017 08:04:18 -0800 

Author: jmm
Date: 2017-01-13 15:55:31 +0000 (Fri, 13 Jan 2017)
New Revision: 47982

Modified:
   data/CVE/list
Log:
mark mark dropped tools as unfixed in sid


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-13 15:53:19 UTC (rev 47981)
+++ data/CVE/list       2017-01-13 15:55:31 UTC (rev 47982)
@@ -26646,7 +26646,7 @@
 CVE-2016-5319 [libtiff: PackBitsEncode heap buffer overflow]
        RESERVED
        {DLA-693-1}
-       - tiff <unfixed> (bug #842046)
+       - tiff 4.0.6-3 (bug #842046)
        - tiff3 <removed>
        [jessie] - tiff 4.0.3-12.3+deb8u2
        [wheezy] - tiff3 <not-affected> (tools like bmp2tiff not shipped by 
tiff3 source package)
@@ -31997,7 +31997,7 @@
        NOT-FOR-US: SAP Netweaver
 CVE-2016-3634 (The tagCompare function in tif_dirinfo.c in the thumbnail tool 
in ...)
        {DLA-693-1}
-       - tiff <unfixed>
+       - tiff 4.0.6-3
        [jessie] - tiff 4.0.3-12.3+deb8u2
        - tiff3 <removed> (unimportant)
        [wheezy] - tiff3 <not-affected> (Does not ship libtiff tools)
@@ -32019,7 +32019,7 @@
        NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as 
fixed although technically still present in the source package
 CVE-2016-3632 (The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 
and ...)
        {DLA-693-1}
-       - tiff <unfixed>
+       - tiff 4.0.6-3
        [jessie] - tiff 4.0.3-12.3+deb8u2
        - tiff3 <removed> (unimportant)
        [wheezy] - tiff3 <not-affected> (Does not ship libtiff tools)
@@ -32078,7 +32078,7 @@
        NOTE: Fixed by: 
https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286
 CVE-2016-3621 (The LZWEncode function in tif_lzw.c in the bmp2tiff tool in 
LibTIFF ...)
        {DLA-693-1}
-       - tiff <unfixed> (low; bug #820364)
+       - tiff 4.0.6-3 (low; bug #820364)
        [jessie] - tiff 4.0.3-12.3+deb8u2
        - tiff3 <not-affected> (tiff tools not built)
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2565
@@ -32087,7 +32087,7 @@
        NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed 
although technically still present in the source package
 CVE-2016-3620 (The ZIPEncode function in tif_zip.c in the bmp2tiff tool in 
LibTIFF ...)
        {DLA-693-1}
-       - tiff <unfixed> (low; bug #820363)
+       - tiff 4.0.6-3 (low; bug #820363)
        [jessie] - tiff 4.0.3-12.3+deb8u2
        - tiff3 <not-affected> (tiff tools not built)
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2570
@@ -32096,7 +32096,7 @@
        NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed 
although technically still present in the source package
 CVE-2016-3619 (The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff 
tool in ...)
        {DLA-693-1}
-       - tiff <unfixed> (low; bug #820362)
+       - tiff 4.0.6-3 (low; bug #820362)
        [jessie] - tiff 4.0.3-12.3+deb8u2
        - tiff3 <not-affected> (tiff tools not built)
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2567


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to