Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84b9f3a7 by Hugo Lefeuvre at 2019-10-21T08:47:57Z
CVE-2019-{14981,11470}: remove <postponed> triage

fixed via DLA-1968-1

- - - - -
785616ac by Hugo Lefeuvre at 2019-10-21T08:52:05Z
dsa-needed: add python-reportlab, take it

CVE-2019-17626, remote code execution

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9605,7 +9605,6 @@ CVE-2019-14982 (In Exiv2 before v0.27.2, there is an 
integer overflow vulnerabil
        NOTE: 
https://github.com/Exiv2/exiv2/pull/962/commits/e925bc5addd881543fa503470c8a859e112cca62
 CVE-2019-14981 (In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, 
there is  ...)
        - imagemagick <unfixed>
-       [jessie] - imagemagick <postponed> (can be fixed along with more 
important issues)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/1552
        NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256
 CVE-2019-14980 (In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, 
there is  ...)
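
Review bot: In the CVE-2019-14981 entry, dropping the `[jessie] - imagemagick <postponed>` line leaves `- imagemagick <unfixed>` as the only status shown for the package, and nothing in this push records the jessie fix that the commit message attributes to DLA-1968-1 (the two changed files are data/CVE/list and data/dsa-needed.txt). Please confirm that the DLA-1968-1 record already lists CVE-2019-14981 with the fixed jessie version; otherwise the entry reads as open and untriaged for jessie rather than fixed.
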
@@ -20721,7 +20720,6 @@ CVE-2019-11470 (The cineon parsing component in 
ImageMagick 7.0.8-26 Q16 allows
        - imagemagick <unfixed> (low; bug #927830)
        [buster] - imagemagick <ignored> (Minor issue)
        [stretch] - imagemagick <ignored> (Minor issue)
-       [jessie] - imagemagick <postponed> (can be fixed along with more 
important issues)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/1472
        NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/a0473b29add9521ffd4c74f6f623b418811762b0
 CVE-2018-20822 (LibSass 3.5.4 allows attackers to cause a denial-of-service 
(uncontrol ...)
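
Review bot: The removal in the CVE-2019-11470 entry is referenced only through the brace form in the commit subject, `CVE-2019-{14981,11470}`, so a history search for the literal string CVE-2019-11470 will not match this commit. Spell out both identifiers in the subject or body. The same DLA-1968-1 cross-check applies here, since buster and stretch remain `<ignored> (Minor issue)` and jessie now has no release line of its own.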


=====================================
data/dsa-needed.txt
=====================================
@@ -53,6 +53,8 @@ poppler (jmm)
 --
 python3.5 (jmm)
 --
+python-reportlab (hle)
+--
 simplesamlphp/oldstable
 --
 slurm-llnl (jmm)
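
Review bot: The added `python-reportlab (hle)` line carries no suite qualifier, unlike the neighbouring `simplesamlphp/oldstable`, and the CVE it is taken for (CVE-2019-17626, per the commit message) appears nowhere in the entry. If the DSA is needed only for some suites, scope the entry the way the simplesamlphp one is, and consider naming the CVE under the entry so the reason survives outside the commit log.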



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/0b128825ec0ad730303a944b6d0c446a8d3a9613...785616ac9bdcc615cf3514f61acaebf7881ddc74
