[Secure-testing-commits] r45355 - data/CVE

Salvatore Bonaccorso Sat, 15 Oct 2016 23:08:43 -0700

Author: carnil
Date: 2016-10-16 06:07:39 +0000 (Sun, 16 Oct 2016)
New Revision: 45355


Modified:
   data/CVE/list
Log:
Add CVE-2016-8678/imagemagick

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-16 06:06:21 UTC (rev 45354)
+++ data/CVE/list       2016-10-16 06:07:39 UTC (rev 45355)
@@ -70,6 +70,10 @@
        NOTE: 
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
        NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
        NOTE: https://github.com/libarchive/libarchive/issues/767
+CVE-2016-8678 [heap-based buffer overflow in IsPixelMonochrome]
+       - imagemagick <unfixed>
+       NOTE: 
https://blogs.gentoo.org/ago/2016/10/07/imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h/
+       TODO: check
 CVE-2016-8677 [memory allocate failure in AcquireQuantumPixels]
        - imagemagick <unfixed>
        NOTE: 
https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r45355 - data/CVE

Reply via email to