severity 776185 important retitle 776185 tiff: CVE-2014-8127 CVE-2014-8128 CVE-2014-8130 thanks
On Sun, Jan 25, 2015 at 07:46:27AM +0100, Salvatore Bonaccorso wrote: > Source: tiff > Version: 4.0.3-12 > Severity: grave > Tags: security upstream > Justification: user security hole > > Hi, > > the following vulnerabilities were published for tiff. > > CVE-2014-8127[0]: > various out-of-bound reads > > CVE-2014-8128[1]: > various out-of-bounds write > > CVE-2014-8129[2]: > various out-of-bound read and write > > CVE-2014-8130[3]: > divide by zero CVE-2014-8127 is fixed in 4.0.3-12.1 except the sub-issue from http://bugzilla.maptools.org/show_bug.cgi?id=2500 CVE-2014-8128 is fixed in 4.0.3-12.1 except the sub-issues from http://bugzilla.maptools.org/show_bug.cgi?id=2499 and http://bugzilla.maptools.org/show_bug.cgi?id=2501 CVE-2014-8129 is fixed in 4.0.3-12.1 Lowering severity. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
