Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0017dca0 by Salvatore Bonaccorso at 2021-01-12T06:20:09+01:00
Track fixed version via unstable for two imagemagick issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11920,7 +11920,7 @@ CVE-2020-29600 (In AWStats through 7.7,
cgi-bin/awstats.pl?config= accepts an ab
NOTE: https://github.com/eldy/awstats/issues/90
NOTE:
https://github.com/eldy/awstats/commit/d4d815d0caae3dbae83ac70a1ae4581bd57cf376
CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40
mishandles the - ...)
- - imagemagick <unfixed> (bug #977205)
+ - imagemagick 8:6.9.11.57+dfsg-1 (bug #977205)
NOTE: https://github.com/ImageMagick/ImageMagick/discussions/2851
NOTE:
https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html
NOTE: ImageMagick:
https://github.com/ImageMagick/ImageMagick/commit/a9e63436aa04c805fe3f9e2ed242dfa4621df823
@@ -20232,7 +20232,7 @@ CVE-2020-27562
CVE-2020-27561
RESERVED
CVE-2020-27560 (ImageMagick 7.0.10-34 allows Division by Zero in
OptimizeLayerFrames i ...)
- - imagemagick <unfixed> (bug #972797)
+ - imagemagick 8:6.9.11.57+dfsg-1 (bug #972797)
[buster] - imagemagick <ignored> (Minor issue)
[stretch] - imagemagick <no-dsa> (Minor issue)
NOTE: ImageMagick:
https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0017dca0967c4ee0386891b3a9422f9a55d41ffd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0017dca0967c4ee0386891b3a9422f9a55d41ffd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
