[Git][security-tracker-team/security-tracker][master] imagemagick triage

Thu, 22 Apr 2021 04:35:18 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8e3fe4a4 by Moritz Muehlenhoff at 2021-04-22T13:34:38+02:00
imagemagick triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27005,9 +27005,10 @@ CVE-2021-20314
        RESERVED
 CVE-2021-20313 [Cipher leak when the calculating signatures in 
TransformSignatureof MagickCore/signature.c]
        RESERVED
-       - imagemagick <undetermined>
+       - imagemagick <unfixed>
+       [buster] - imagemagick <ignored> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482
-       TODO: check if specific to IM7
+       NOTE: IM6: 
https://github.com/ImageMagick/ImageMagick6/commit/e53e24b078f7fa586f9cc910491b8910f5bdad2e
 CVE-2021-20312 [Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c]
        RESERVED
        - imagemagick <unfixed>
@@ -27021,9 +27022,9 @@ CVE-2021-20311 [Division by zero in 
sRGBTransformImage() in MagickCore/colorspac
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482
 CVE-2021-20310 [Division by zero in ConvertXYZToJzazbz() of 
MagickCore/colorspace.c]
        RESERVED
+       - imagemagick <not-affected> (Specific to IM7)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/3295
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/75f6f5032690077cae3eaeda3c0165cc765eaeb5
-       TODO: Check whether specific to IM7
 CVE-2021-20309 [Division by zero in WaveImage() of MagickCore/visual-effects.c]
        RESERVED
        - imagemagick <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e3fe4a4ee9c22592329ca50abe1d8e781cf5201

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e3fe4a4ee9c22592329ca50abe1d8e781cf5201
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to