Author: carnil
Date: 2016-09-20 16:48:01 +0000 (Tue, 20 Sep 2016)
New Revision: 44753
Modified:
data/CVE/list
Log:
Track fixes from imagemagick to experimental and to be merged after transition
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-20 16:25:57 UTC (rev 44752)
+++ data/CVE/list 2016-09-20 16:48:01 UTC (rev 44753)
@@ -4690,6 +4690,7 @@
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723
CVE-2016-XXXX [out-of-bounds read in coders/psd.c]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832457)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1533442
@@ -4700,6 +4701,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [rle file handling for corrupted file]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832461)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1533445
@@ -4707,6 +4709,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [buffer overflow in sun file handling]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832464)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE:
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
@@ -4715,6 +4718,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [potential DOS in sun file handling due to malformed files]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832465)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE:
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
@@ -4736,6 +4740,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [heap overflow in hdr file handling]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832469)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537213
@@ -4743,6 +4748,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [heap buffer overflow in psd file handling]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832474)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537418
@@ -4750,6 +4756,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [out of bound access for malformed psd file]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832475)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537419
@@ -4757,6 +4764,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [meta file out of bound access]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832478)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537420
@@ -4765,6 +4773,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/5a34d7ac889bd6645f6cfd164636e3efb56dbb2f
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [heap buffer overflow in psd file coder]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832480)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537424
@@ -4783,6 +4792,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [out of bound access for viff file coder]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832483)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537425
@@ -4790,6 +4800,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [out of bound access in xcf file coder]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832504)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1539051
@@ -4799,6 +4810,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [out of bound in quantum handling]
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832506)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1539067
@@ -7625,6 +7637,7 @@
CVE-2016-5842
RESERVED
{DSA-3652-1}
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #831034)
NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b
@@ -7632,6 +7645,7 @@
CVE-2016-5841
RESERVED
{DSA-3652-1}
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #831034)
NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
