Author: carnil
Date: 2016-01-14 07:29:39 +0000 (Thu, 14 Jan 2016)
New Revision: 38896
Modified:
data/CVE/list
Log:
Mark two temporary entries for imagemagick as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-13 22:17:19 UTC (rev 38895)
+++ data/CVE/list 2016-01-14 07:29:39 UTC (rev 38896)
@@ -6914,6 +6914,8 @@
TODO: check
CVE-2015-XXXX [Double free in coders/pict.c:2000]
- imagemagick <unfixed> (bug #806441)
+ [jessie] - imagemagick <no-dsa> (Minor issue)
+ [wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick 8:6.6.0.4-3+squeeze7
NOTE: workaround entry for DLA-353-1 until/if CVE assigned
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803
@@ -6930,6 +6932,8 @@
NOTE: The problem can only be triggered with recent versions of
ImageMagick (8:6.9.1.2-1 in experimental is vulnerable, 8:6.8.9.9-6 in sid is
not vulnerable, older versions are not vulnerable)
CVE-2015-XXXX [Integer and Buffer overflow in coders/icon.c]
- imagemagick <unfixed> (bug #806441)
+ [jessie] - imagemagick <no-dsa> (Minor issue)
+ [wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick 8:6.6.0.4-3+squeeze7
NOTE: workaround entry for DLA-353-1 until/if CVE assigned
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
