Hugo Lefeuvre pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
36f1a4e7 by Hugo Lefeuvre at 2019-08-09T09:09:56Z
CVE-2019-13306/imagemagick: update commit links
Reverting cb5ec7d was intentional, the CVE-2019-13305 fix appears to also
be the fix for CVE-2019-13306.
More information on the Debian bug report: #931449
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5116,8 +5116,10 @@ CVE-2019-13307 (ImageMagick 7.0.8-50 Q16 has a
heap-based buffer overflow at Mag
CVE-2019-13306 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at
coders/p ...)
- imagemagick <unfixed> (bug #931449)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1612
+ NOTE: initial fix:
NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa
- NOTE: this patch is reverted by the patch for CVE-2019-13305.
+ NOTE: later reverted by the CVE-2019-13305 fix which is the right one:
+ NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d
CVE-2019-13305 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at
coders/p ...)
- imagemagick <unfixed> (bug #931452)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1613
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/36f1a4e72c24808b921c1a28e01e25fd7783d5a6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/36f1a4e72c24808b921c1a28e01e25fd7783d5a6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
