[Secure-testing-commits] r50520 - data/CVE

Sun, 09 Apr 2017 23:53:09 -0700 

Author: carnil
Date: 2017-04-10 06:51:52 +0000 (Mon, 10 Apr 2017)
New Revision: 50520

Modified:
   data/CVE/list
Log:
Update more tiff issues, reference reporter blog

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-04-10 06:49:10 UTC (rev 50519)
+++ data/CVE/list       2017-04-10 06:51:52 UTC (rev 50520)
@@ -41,31 +41,31 @@
 CVE-2017-7602 (LibTIFF 4.0.7 has a signed integer overflow, which might allow 
remote ...)
        - tiff <unfixed>
        - tiff3 <removed>
-       TODO: check
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
 CVE-2017-7601 (LibTIFF 4.0.7 has a &quot;shift exponent too large for 64-bit 
type long&quot; ...)
        - tiff <unfixed>
        - tiff3 <removed>
-       TODO: check
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
 CVE-2017-7600 (LibTIFF 4.0.7 has an &quot;outside the range of representable 
values of type ...)
        - tiff <unfixed>
        - tiff3 <removed>
-       TODO: check
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
 CVE-2017-7599 (LibTIFF 4.0.7 has an &quot;outside the range of representable 
values of type ...)
        - tiff <unfixed>
        - tiff3 <removed>
-       TODO: check
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
 CVE-2017-7598 (tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to 
cause a ...)
        - tiff <unfixed>
        - tiff3 <removed>
-       TODO: check
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
 CVE-2017-7597 (tif_dirread.c in LibTIFF 4.0.7 has an &quot;outside the range 
of ...)
        - tiff <unfixed>
        - tiff3 <removed>
-       TODO: check
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
 CVE-2017-7596 (LibTIFF 4.0.7 has an &quot;outside the range of representable 
values of type ...)
        - tiff <unfixed>
        - tiff3 <removed>
-       TODO: check
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
 CVE-2017-7595 (The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 
allows ...)
        - tiff <unfixed> (bug #860003)
        - tiff3 <removed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to