Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3ab722fd by Salvatore Bonaccorso at 2022-11-29T20:47:51+01:00 CVE-2020-29599: clarify there are two vectors for IM6 52bd38de3f9d ("Remove prefixed whitespaces") or any call trough writecvelist would have removed the leading whitespaces. But the intention in the initial formatting was to make clear there are two vectors for the issue for IM6. Make them two "enumerated" items to restore the intention. Thanks: Sylvain Beucler <[email protected]> Thanks: Roberto C. Sánchez <[email protected]> Fixes: 52bd38de3f9d ("Remove prefixed whitespaces") - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -147479,10 +147479,10 @@ CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles NOTE: cf 200-disable-ghostscript-formats.patch in 8:6.9.10.23+dfsg-2.1+deb10u1, but opens NOTE: #964090. NOTE: 2 vectors for IM6: - NOTE: - stealth (ps:* delegates, hard-coded options) + NOTE: 1. stealth (ps:* delegates, hard-coded options) NOTE: broken between 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) and 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1) NOTE: '-authenticate' replaced by '-define authenticate=' between 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1) and 83ec5b above - NOTE: - bimodal ('-define delegate:bimodal=true' + pdf->(e)ps delegates, %a expansion) after 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) + NOTE: 2. bimodal ('-define delegate:bimodal=true' + pdf->(e)ps delegates, %a expansion) after 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) CVE-2020-29598 REJECTED CVE-2020-29597 (IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ab722fdde037cc62759d2b02c0809dcd293b997 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ab722fdde037cc62759d2b02c0809dcd293b997 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
