[Git][security-tracker-team/security-tracker][master] new imagemagick issues

Tue, 24 Dec 2019 00:37:56 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bf03c00d by Moritz Muehlenhoff at 2019-12-24T08:36:38Z
new imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,30 @@
 CVE-2019-19953 (In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a 
heap-based buff ...)
        TODO: check
 CVE-2019-19952 (In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the 
function  ...)
-       TODO: check
+       - imagemagick <unfixed> (low)
+       [buster] - imagemagick <no-dsa> (Minor issue)
+       [stretch] - imagemagick <no-dsa> (Minor issue)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/1791
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/916d7bbd2c66a286d379dbd94bc6035c8fab937c
 (7.x)
+       NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/7ef923841437bb57bd9b55fc0bf40ddc99b93c2b
 (6.x)
 CVE-2019-19951 (In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a 
heap-based buff ...)
        TODO: check
 CVE-2019-19950 (In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a 
use-after-free  ...)
        TODO: check
 CVE-2019-19949 (In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer 
over-read in ...)
-       TODO: check
+       - imagemagick <unfixed> (low)
+       [buster] - imagemagick <no-dsa> (Minor issue)
+       [stretch] - imagemagick <no-dsa> (Minor issue)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/1561
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/d17c047f7bff7c0edbf304470cd2ab9d02fbf617
 (7.x)
+       NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/34adc98afd5c7e7fb774d2ebdaea39e831c24dce
 (6.x)
 CVE-2019-19948 (In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer 
overflow in  ...)
-       TODO: check
+       - imagemagick <unfixed> (low)
+       [buster] - imagemagick <no-dsa> (Minor issue)
+       [stretch] - imagemagick <no-dsa> (Minor issue)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/1562
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/6ae32a9038e360b3491969d5d03d490884f02b4c
 (7.x)
+       NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/9e7db22f8c374301db3f968757f0d08070fd4e54
 (6.x) 
 CVE-2019-19947 (In the Linux kernel through 5.4.6, there are information leaks 
of unin ...)
        TODO: check
 CVE-2019-19946



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf03c00d3d137a9ee9c7b46f681dfdfc7dc722b6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf03c00d3d137a9ee9c7b46f681dfdfc7dc722b6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to