Hugo Lefeuvre pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1d48d724 by Hugo Lefeuvre at 2019-05-12T09:10:47Z
CVE-2019-11597/imagemagick: add followup fix
Upstream fix appears to be (still!) insufficient, issue is still present.
Add followup fix.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -663,6 +663,8 @@ CVE-2019-11597 (In ImageMagick 7.0.8-43 Q16, there is a
heap-based buffer over-r
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1555
NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/1d6c036f0388d7857c725342f7212b60e39a14c1
NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/c979b348d64a25a04f12ea7fe7888b2b23f230a7
+ NOTE: fix appears to be insufficient:
https://github.com/ImageMagick/ImageMagick/issues/1560
+ NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112
CVE-2019-11596 (In memcached before 1.5.14, a NULL pointer dereference was
found in th ...)
- memcached 1.5.6-1.1 (bug #928205)
[stretch] - memcached <not-affected> (Vulnerable code introduced later)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d48d724ff1a6b7c9276fb5ff4a0590701e29f72
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d48d724ff1a6b7c9276fb5ff4a0590701e29f72
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
