Author: carnil Date: 2016-09-20 16:48:01 +0000 (Tue, 20 Sep 2016) New Revision: 44753
Modified: data/CVE/list Log: Track fixes from imagemagick to experimental and to be merged after transition Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-09-20 16:25:57 UTC (rev 44752) +++ data/CVE/list 2016-09-20 16:48:01 UTC (rev 44753) @@ -4690,6 +4690,7 @@ [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723 CVE-2016-XXXX [out-of-bounds read in coders/psd.c] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832457) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1533442 @@ -4700,6 +4701,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [rle file handling for corrupted file] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832461) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1533445 @@ -4707,6 +4709,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [buffer overflow in sun file handling] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832464) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838 @@ -4715,6 +4718,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [potential DOS in sun file handling due to malformed files] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832465) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857 @@ -4736,6 +4740,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/issues/82 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [heap overflow in hdr file handling] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832469) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1537213 @@ -4743,6 +4748,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [heap buffer overflow in psd file handling] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832474) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1537418 @@ -4750,6 +4756,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [out of bound access for malformed psd file] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832475) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1537419 @@ -4757,6 +4764,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [meta file out of bound access] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832478) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1537420 @@ -4765,6 +4773,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/5a34d7ac889bd6645f6cfd164636e3efb56dbb2f NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [heap buffer overflow in psd file coder] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832480) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1537424 @@ -4783,6 +4792,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [out of bound access for viff file coder] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832483) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1537425 @@ -4790,6 +4800,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [out of bound access in xcf file coder] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832504) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1539051 @@ -4799,6 +4810,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [out of bound in quantum handling] + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832506) [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1539067 @@ -7625,6 +7637,7 @@ CVE-2016-5842 RESERVED {DSA-3652-1} + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #831034) NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1 NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b @@ -7632,6 +7645,7 @@ CVE-2016-5841 RESERVED {DSA-3652-1} + [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #831034) NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1 NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits