Author: agx Date: 2017-02-03 09:13:15 +0000 (Fri, 03 Feb 2017) New Revision: 48676
Modified: data/CVE/list Log: lts: mark netpbm-free in wheezy as unaffected The provided testcase does not crash the wheezy version and upstream explains why in http://bugzilla.maptools.org/show_bug.cgi?id=2654#c8 so Jessie likely isn't affected either. Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-02-03 09:10:12 UTC (rev 48675) +++ data/CVE/list 2017-02-03 09:13:15 UTC (rev 48676) @@ -511,6 +511,7 @@ CVE-2017-5849 [Out-of-Bound read and write issues in put1bitbwtile() and putgreytile()] RESERVED - netpbm-free <unfixed> (bug #853997) + [wheezy] - netpbm-free <not-affected> (vulnerable code not present) NOTE: http://www.openwall.com/lists/oss-security/2017/02/02/2 CVE-2017-5850 RESERVED _______________________________________________ Secure-testing-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
