[Secure-testing-commits] r56757 - data/CVE

Moritz Muehlenhoff Mon, 16 Oct 2017 07:40:58 -0700

Author: jmm
Date: 2017-10-16 14:40:41 +0000 (Mon, 16 Oct 2017)
New Revision: 56757


Modified:
   data/CVE/list
Log:
classic libjpeg n/a


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-16 14:04:46 UTC (rev 56756)
+++ data/CVE/list       2017-10-16 14:40:41 UTC (rev 56757)
@@ -382,11 +382,12 @@
        RESERVED
 CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in 
jdpostct.c and ...)
        - libjpeg-turbo <unfixed> (low; bug #878567)
-       - libjpeg6b <unfixed>
-       - libjpeg8 <removed>
-       - libjpeg9 <unfixed>
+       - libjpeg6b <not-affected> (Vulnerable code not present)
+       - libjpeg8 <not-affected> (Vulnerable code not present)
+       - libjpeg9 <not-affected> (Vulnerable code not present)
        NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
        NOTE: https://github.com/mozilla/mozjpeg/issues/268
+       NOTE: IJG libjpeg releases not affected, see 
https://lists.debian.org/debian-lts/2017/10/msg00061.html
 CVE-2017-15231
        RESERVED
 CVE-2017-15230


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56757 - data/CVE

Reply via email to