Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a215925d by Salvatore Bonaccorso at 2020-03-24T21:26:05+01:00 Add CVE-2020-10938/graphicsmagick This requires another double check. The CVE assignment references a merge changes. The description tough seem to refer to the upstream commit http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/95abc2b694ce which does include a respective integer overflow and relates to magick/compress.cand HuffmanDecodeImage. It as well erefers to a security issues reported to the raphicsmagick-security mail address. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5,7 +5,8 @@ CVE-2020-10940 CVE-2020-10939 RESERVED CVE-2020-10938 (GraphicsMagick before 1.3.35 has an integer overflow and resultant hea ...) - TODO: check + - graphicsmagick 1.4+really1.3.34-1 + NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/95abc2b694ce CVE-2020-10937 RESERVED CVE-2020-10936 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a215925dae035150d6e60f8337fb6bc5f5e0ac96 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a215925dae035150d6e60f8337fb6bc5f5e0ac96 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
