CVE-2017-9114/openexr: clarify fixed versions

Follow-up to d2433469e14f4e07b77e28e5b20085391450260d
author: Sylvain Beucler <beuc@beuc.net> 2021-06-23 17:47:28 +0200
committer: Sylvain Beucler <beuc@beuc.net> 2021-06-23 18:07:37 +0200
commit: 0f2f7450dad3bd89ca88bd0f3342c2858f242fee (patch)
tree: 3ac7422218c835051707532f181c332760941672 /data/CVE/list.2017
parent: 02d6087736d591c0dc7079772111acade5fbec62 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017
index 9f72365516..e360b7ed3b 100644
--- a/data/CVE/list.2017
+++ b/data/CVE/list.2017
@@ -28349,10 +28349,10 @@ CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator fu
 	NOTE: https://github.com/openexr/openexr/issues/232
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/401#issuecomment-513721310 (v2.4.0)
 CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in  ...)
-	{DSA-4755-1 DLA-2358-1}
-	- openexr 2.2.0-11.1 (bug #873885)
-	[jessie] - openexr <no-dsa> (Minor issue)
-	[wheezy] - openexr <no-dsa> (Minor issue)
+	{DLA-2358-1}
+	- openexr 2.2.0-11.1 (bug #864078)
+	[jessie] - openexr <not-affected> (ImfFastHuf.cpp / DWA compressor introduced v2.2)
+	[wheezy] - openexr <not-affected> (ImfFastHuf.cpp / DWA compressor introduced v2.2)
 	NOTE: https://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/49db4a4192482eec9c27669f75db144cf5434804 (v2.2.1)
author	Sylvain Beucler <beuc@beuc.net>	2021-06-23 17:47:28 +0200
committer	Sylvain Beucler <beuc@beuc.net>	2021-06-23 18:07:37 +0200
commit	0f2f7450dad3bd89ca88bd0f3342c2858f242fee (patch)
tree	3ac7422218c835051707532f181c332760941672 /data/CVE/list.2017
parent	02d6087736d591c0dc7079772111acade5fbec62 (diff)