[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) Mon, 20 Jun 2022 08:42:48 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a02ac962 by Moritz Muehlenhoff at 2022-06-20T17:42:12+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15286,7 +15286,7 @@ CVE-2022-28464 (Apifox through 2.1.6 is vulnerable to 
Cross Site Scripting (XSS)
        NOT-FOR-US: Apifox
 CVE-2022-28463 (ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. ...)
        {DLA-3007-1}
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <no-dsa> (Minor issue)
        [buster] - imagemagick <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f
@@ -16601,14 +16601,14 @@ CVE-2022-1116 (Integer Overflow or Wraparound 
vulnerability in io_uring of Linux
        - linux <not-affected> (Vulnerable code not present; introduced in 
5.4.24; fixed in 5.4.189)
 CVE-2022-1115
        RESERVED
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <no-dsa> (Minor issue)
        [buster] - imagemagick <no-dsa> (Minor issue)
        [stretch] - imagemagick <no-dsa> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/4974
        NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51
 CVE-2022-1114 (A heap-use-after-free flaw was found in ImageMagick's 
RelinquishDCMInf ...)
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <no-dsa> (Minor issue)
        [buster] - imagemagick <no-dsa> (Minor issue)
        [stretch] - imagemagick <not-affected> (Vulnerable code not present)
@@ -24738,7 +24738,7 @@ CVE-2022-0613 (Authorization Bypass Through 
User-Controlled Key in NPM urijs pri
 CVE-2021-4220
        REJECTED
 CVE-2021-4219 (A flaw was found in ImageMagick. The vulnerability occurs due 
to impro ...)
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <no-dsa> (Minor issue)
        [buster] - imagemagick <no-dsa> (Minor issue)
        [stretch] - imagemagick <postponed> (Minor issue, DoS)
@@ -106734,7 +106734,7 @@ CVE-2021-20314 (Stack buffer overflow in libspf2 
versions below 1.2.11 when proc
 CVE-2021-20313 (A flaw was found in ImageMagick in versions before 7.0.11. A 
potential ...)
        {DLA-2672-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <no-dsa> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482
@@ -106742,7 +106742,7 @@ CVE-2021-20313 (A flaw was found in ImageMagick in 
versions before 7.0.11. A pot
 CVE-2021-20312 (A flaw was found in ImageMagick in versions 7.0.11, where an 
integer o ...)
        {DLA-2672-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <ignored> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482
@@ -106757,7 +106757,7 @@ CVE-2021-20310 (A flaw was found in ImageMagick in 
versions before 7.0.11, where
 CVE-2021-20309 (A flaw was found in ImageMagick in versions before 7.0.11 and 
before 6 ...)
        {DLA-2672-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <ignored> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: ImageMagick: 
https://github.com/ImageMagick/ImageMagick/commit/94174beff065cb5683d09d79e992c3ebbdead311
@@ -107053,7 +107053,7 @@ CVE-2021-20247 (A flaw was found in mbsync before 
v1.3.5 and v1.4.1. Validations
 CVE-2021-20246 (A flaw was found in ImageMagick in MagickCore/resample.c. An 
attacker  ...)
        {DLA-2602-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <ignored> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/3195
@@ -107062,7 +107062,7 @@ CVE-2021-20246 (A flaw was found in ImageMagick in 
MagickCore/resample.c. An att
 CVE-2021-20245 (A flaw was found in ImageMagick in coders/webp.c. An attacker 
who subm ...)
        {DLA-2672-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <ignored> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/3176
@@ -107071,7 +107071,7 @@ CVE-2021-20245 (A flaw was found in ImageMagick in 
coders/webp.c. An attacker wh
 CVE-2021-20244 (A flaw was found in ImageMagick in 
MagickCore/visual-effects.c. An att ...)
        {DLA-2602-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <ignored> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/pull/3194
@@ -107080,7 +107080,7 @@ CVE-2021-20244 (A flaw was found in ImageMagick in 
MagickCore/visual-effects.c.
 CVE-2021-20243 (A flaw was found in ImageMagick in MagickCore/resize.c. An 
attacker wh ...)
        {DLA-2672-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <ignored> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/pull/3193
@@ -107091,7 +107091,7 @@ CVE-2021-20242
 CVE-2021-20241 (A flaw was found in ImageMagick in coders/jp2.c. An attacker 
who submi ...)
        {DLA-2602-1}
        [experimental] - imagemagick 8:6.9.12.20+dfsg1-1
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (bug #1013282)
        [bullseye] - imagemagick <ignored> (Minor issue)
        [buster] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/pull/3177



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a02ac962d4aca916f26d4446d5389bbb2557634b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a02ac962d4aca916f26d4446d5389bbb2557634b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bugnums

Reply via email to