Author: carnil Date: 2016-10-16 06:14:58 +0000 (Sun, 16 Oct 2016) New Revision: 45357
Modified: data/CVE/list Log: Add CVE-2016-8682/graphicsmagick Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-10-16 06:12:23 UTC (rev 45356) +++ data/CVE/list 2016-10-16 06:14:58 UTC (rev 45357) @@ -496,6 +496,10 @@ NOTE: and no mechanism is currently known by which an attacker who does not NOTE: already have root privileges could induce systemd to send messages NOTE: that would trigger the format string vulnerability. +CVE-2016-8682 [stack-based buffer overflow in ReadSCTImage (sct.c)] + - graphicsmagick <unfixed> + NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-stack-based-buffer-overflow-in-readsctimage-sct-c/ + NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/0a0dfa81906d CVE-2016-8679 [dwarf_util.c: heap-based buffer overflow in _dwarf_get_size_of_val] - dwarfutils <unfixed> NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/11 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits