Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9b6f1aa3 by Salvatore Bonaccorso at 2021-09-04T08:15:40+02:00
Several imagemagick issues fixed via experimental upload, start tracking
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49652,6 +49652,7 @@ CVE-2021-20314 (Stack buffer overflow in libspf2
versions below 1.2.11 when proc
NOTE: https://www.openwall.com/lists/oss-security/2021/08/11/6
CVE-2021-20313 (A flaw was found in ImageMagick in versions before 7.0.11. A
potential ...)
{DLA-2672-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <no-dsa> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
@@ -49659,6 +49660,7 @@ CVE-2021-20313 (A flaw was found in ImageMagick in
versions before 7.0.11. A pot
NOTE: IM6:
https://github.com/ImageMagick/ImageMagick6/commit/e53e24b078f7fa586f9cc910491b8910f5bdad2e
CVE-2021-20312 (A flaw was found in ImageMagick in versions 7.0.11, where an
integer o ...)
{DLA-2672-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
@@ -49673,6 +49675,7 @@ CVE-2021-20310 (A flaw was found in ImageMagick in
versions before 7.0.11, where
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/75f6f5032690077cae3eaeda3c0165cc765eaeb5
CVE-2021-20309 (A flaw was found in ImageMagick in versions before 7.0.11 and
before 6 ...)
{DLA-2672-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
@@ -49978,6 +49981,7 @@ CVE-2021-20247 (A flaw was found in mbsync before
v1.3.5 and v1.4.1. Validations
NOTE: https://www.openwall.com/lists/oss-security/2021/02/22/1
CVE-2021-20246 (A flaw was found in ImageMagick in MagickCore/resample.c. An
attacker ...)
{DLA-2602-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
@@ -49986,6 +49990,7 @@ CVE-2021-20246 (A flaw was found in ImageMagick in
MagickCore/resample.c. An att
NOTE: ImageMagick6:
https://github.com/ImageMagick/ImageMagick6/commit/f3190d4a6e6e8556575c84b5d976f77d111caa74
CVE-2021-20245 (A flaw was found in ImageMagick in coders/webp.c. An attacker
who subm ...)
{DLA-2672-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
@@ -49994,6 +49999,7 @@ CVE-2021-20245 (A flaw was found in ImageMagick in
coders/webp.c. An attacker wh
NOTE: ImageMagick6:
https://github.com/ImageMagick/ImageMagick6/commit/a78d92dc0f468e79c3d761aae9707042952cdaca
CVE-2021-20244 (A flaw was found in ImageMagick in
MagickCore/visual-effects.c. An att ...)
{DLA-2602-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
@@ -50002,6 +50008,7 @@ CVE-2021-20244 (A flaw was found in ImageMagick in
MagickCore/visual-effects.c.
NOTE: In IM6 the code seems to be in magick/fx.c
CVE-2021-20243 (A flaw was found in ImageMagick in MagickCore/resize.c. An
attacker wh ...)
{DLA-2672-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
@@ -50012,6 +50019,7 @@ CVE-2021-20242
REJECTED
CVE-2021-20241 (A flaw was found in ImageMagick in coders/jp2.c. An attacker
who submi ...)
{DLA-2602-1}
+ [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- imagemagick <unfixed>
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b6f1aa340a606ccdeb39a4f7ff810e725f2a3d6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b6f1aa340a606ccdeb39a4f7ff810e725f2a3d6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
