[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] nm no-dsa

Tue, 27 Mar 2018 13:41:21 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
04168784 by Moritz Muehlenhoff at 2018-03-27T22:40:15+02:00
nm no-dsa
imagemagick no-dsa
jasper unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,8 +3,9 @@ CVE-2018-9057 (aws/resource_aws_iam_user_login_profile.go in 
the HashiCorp Terra
 CVE-2018-9056 (Systems with microprocessors utilizing speculative execution 
may allow ...)
        TODO: check
 CVE-2018-9055 (JasPer 2.0.14 allows denial of service via a reachable 
assertion in the ...)
-       - jasper <removed>
+       - jasper <removed> (unimportant)
        NOTE: https://github.com/mdadams/jasper/issues/172
+       NOTE: Negligable impact
 CVE-2018-9054 (In Windows Master (aka Windows Optimization Master) 
7.99.13.604, the ...)
        NOT-FOR-US: Windows Master (aka Windows Optimization Master)
 CVE-2018-9053 (In Windows Master (aka Windows Optimization Master) 
7.99.13.604, the ...)
@@ -83,7 +84,9 @@ CVE-2017-18253 (An issue was discovered in ImageMagick 7.0.7. 
A NULL pointer ...
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/794
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/de5deab202c340162b65f65bafbbe17b1eda2c1a
 CVE-2017-18252 (An issue was discovered in ImageMagick 7.0.7. The 
MogrifyImageList ...)
-       - imagemagick <unfixed>
+       - imagemagick <unfixed> (low)
+       [stretch] - imagemagick <ignored> (Minor issue)
+       [jessie] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/802
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/12f34b60564de1cbec08e23e2413dab5b64daeb7
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/bb04ccb34fd45e9c3020786857fb79b09f44d7db
@@ -234,7 +237,9 @@ CVE-2018-8961 (In libming 0.4.8, the decompilePUSHPARAM 
function of decompile.c 
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/130
 CVE-2018-8960 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 
7.0.7-26 Q16 ...)
-       - imagemagick 8:6.9.9.39+dfsg-1
+       - imagemagick 8:6.9.9.39+dfsg-1 (low)
+       [stretch] - imagemagick <ignored> (Minor issue)
+       [jessie] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/1020
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/23f6beef78cfe806cabc090a015e73557d60788e
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/7c0b29f621ebcce1a35c0e6c1992c9043b3bb1bd
@@ -591,6 +596,8 @@ CVE-2018-8822 (Incorrect buffer length handling in the 
ncp_read_kernel function 
        - linux <unfixed>
 CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a 
Information ...)
        - network-manager <unfixed>
+       [stretch] - network-manager <no-dsa> (Minor issue)
+       [jessie] - network-manager <no-dsa> (Minor issue)
        NOTE: 
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1754671
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=746422
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634
@@ -637,7 +644,9 @@ CVE-2018-8806 (In libming 0.4.8, there is a use-after-free 
in the ...)
 CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS 
via the ...)
        NOT-FOR-US: Yxcms
 CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 
allows remote ...)
-       - imagemagick 8:6.9.9.39+dfsg-1
+       - imagemagick 8:6.9.9.39+dfsg-1 (low)
+       [stretch] - imagemagick <ignored> (Minor issue)
+       [jessie] - imagemagick <ignored> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/041687847aed2515ffcb187b696125f6f83b6b6c

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/041687847aed2515ffcb187b696125f6f83b6b6c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to