[Secure-testing-commits] r48113 - data/CVE

Salvatore Bonaccorso Mon, 16 Jan 2017 12:33:23 -0800

Author: carnil
Date: 2017-01-16 20:27:11 +0000 (Mon, 16 Jan 2017)
New Revision: 48113


Modified:
   data/CVE/list
Log:
Update status for CVE-2016-888{0,1}/jasper

Requested by Tomas Hoger from Red Hat to be rejected as duplicates of
CVE-2011-451{6,7}. Keep fixing version and notes until that happened to
at least track the correct "fixing version".

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-16 20:18:49 UTC (rev 48112)
+++ data/CVE/list       2017-01-16 20:27:11 UTC (rev 48113)
@@ -15018,14 +15018,14 @@
        NOTE: 
https://github.com/mdadams/jasper/commit/69a1439a5381e42b06ec6a06ed2675eb793babee
 (version-1.900.8)
 CVE-2016-8881 [Heap overflow in jpc_getuint16()]
        RESERVED
-       - jasper <removed>
-       [wheezy] - jasper <no-dsa> (no patch available for just this issue)
+       - jasper 1.900.1-13
        NOTE: https://github.com/mdadams/jasper/issues/29
+       NOTE: Duplicate of CVE-2011-4517, cf 
https://github.com/mdadams/jasper/issues/29#issuecomment-267322934
 CVE-2016-8880 [Heap overflow in jpc_dec_cp_setfromcox()]
        RESERVED
-       - jasper <removed>
-       [wheezy] - jasper <no-dsa> (no patch available for just this issue)
+       - jasper 1.900.1-13
        NOTE: https://github.com/mdadams/jasper/issues/28
+       NOTE: Duplicate of CVE-2011-4516, cf 
https://github.com/mdadams/jasper/issues/28#issuecomment-267053875
 CVE-2016-8866 [memory allocation failure in AcquireMagickMemory (memory.c) 
(incomplete fix for CVE-2016-8862)]
        RESERVED
        {DLA-756-1}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r48113 - data/CVE

Reply via email to