Author: carnil
Date: 2017-04-10 07:21:30 +0000 (Mon, 10 Apr 2017)
New Revision: 50521
Modified:
data/CVE/list
Log:
Reference commits for tiff issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-10 06:51:52 UTC (rev 50520)
+++ data/CVE/list 2017-04-10 07:21:30 UTC (rev 50521)
@@ -41,31 +41,38 @@
CVE-2017-7602 (LibTIFF 4.0.7 has a signed integer overflow, which might allow
remote ...)
- tiff <unfixed>
- tiff3 <removed>
+ NOTE:
https://github.com/vadz/libtiff/commit/66e7bd59520996740e4df5495a830b42fae48bc4
NOTE:
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
CVE-2017-7601 (LibTIFF 4.0.7 has a "shift exponent too large for 64-bit
type long" ...)
- tiff <unfixed>
- tiff3 <removed>
+ NOTE:
https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490
NOTE:
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
CVE-2017-7600 (LibTIFF 4.0.7 has an "outside the range of representable
values of type ...)
- tiff <unfixed>
- tiff3 <removed>
+ NOTE:
https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE:
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
CVE-2017-7599 (LibTIFF 4.0.7 has an "outside the range of representable
values of type ...)
- tiff <unfixed>
- tiff3 <removed>
+ NOTE:
https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE:
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
CVE-2017-7598 (tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to
cause a ...)
- tiff <unfixed>
- tiff3 <removed>
+ NOTE:
https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8
NOTE:
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
CVE-2017-7597 (tif_dirread.c in LibTIFF 4.0.7 has an "outside the range
of ...)
- tiff <unfixed>
- tiff3 <removed>
+ NOTE:
https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE:
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
CVE-2017-7596 (LibTIFF 4.0.7 has an "outside the range of representable
values of type ...)
- tiff <unfixed>
- tiff3 <removed>
NOTE:
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
+ NOTE:
https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
CVE-2017-7595 (The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7
allows ...)
- tiff <unfixed> (bug #860003)
- tiff3 <removed>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
