Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ff43a15a by Salvatore Bonaccorso at 2023-10-21T20:41:03+02:00
Track for now the experimental fix of CVE-2023-3428
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16544,6 +16544,7 @@ CVE-2023-2625 (A vulnerability exists that can be
exploited by an authenticated
CVE-2023-3436 (Xpdf 4.04 will deadlock on a PDF object stream whose "Length"
field is ...)
- xpdf <not-affected> (Debian uses poppler, which is not affected)
CVE-2023-3428 (A heap-based buffer overflow vulnerability was found in
coders/tiff.c ...)
+ [experimental] - imagemagick 8:6.9.12.98+dfsg1-1
- imagemagick <unfixed>
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/a531d28e31309676ce8168c3b6dbbb5374b78790
(7.1.1-13)
NOTE: Prerequisite:
https://github.com/ImageMagick/ImageMagick6/commit/2b4eabb9d09b278f16727c635e928bd951c58773
(6.9.12-55)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff43a15a0048cbdff318671eca2bde1ea56b9400
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff43a15a0048cbdff318671eca2bde1ea56b9400
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
