Author: carnil
Date: 2016-09-22 06:32:04 +0000 (Thu, 22 Sep 2016)
New Revision: 44811
Modified:
data/CVE/list
data/DSA/list
Log:
More imagemagick CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-22 06:24:31 UTC (rev 44810)
+++ data/CVE/list 2016-09-22 06:32:04 UTC (rev 44811)
@@ -2161,14 +2161,6 @@
RESERVED
CVE-2016-7520
RESERVED
-CVE-2016-7519
- RESERVED
-CVE-2016-7518
- RESERVED
-CVE-2016-7517
- RESERVED
-CVE-2016-7516
- RESERVED
CVE-2016-7512
RESERVED
CVE-2016-7511
@@ -4726,45 +4718,51 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1
- NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-7515 [rle file handling for corrupted file]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832461)
NOTE: https://bugs.launchpad.net/bugs/1533445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1
- NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [buffer overflow in sun file handling]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2015-8957 [buffer overflow in sun file handling]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832464)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE:
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
- NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [potential DOS in sun file handling due to malformed files]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2015-8958 [potential DOS in sun file handling due to malformed files]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832465)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE:
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
- NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bunds problem in rle, pict, viff and sun files]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7516 [out of bunds problem in rle, pict, viff and sun files]
- imagemagick <unfixed> (bug #832467)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1533452
NOTE: https://github.com/ImageMagick/ImageMagick/issues/77
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7517
+ - imagemagick <unfixed> (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533449
NOTE: https://github.com/ImageMagick/ImageMagick/issues/80
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7518
+ - imagemagick <unfixed> (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533447
NOTE: https://github.com/ImageMagick/ImageMagick/issues/81
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7519
+ - imagemagick <unfixed> (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
- NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/08/07/1
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [heap overflow in hdr file handling]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832469)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2016-09-22 06:24:31 UTC (rev 44810)
+++ data/DSA/list 2016-09-22 06:32:04 UTC (rev 44811)
@@ -62,7 +62,7 @@
{CVE-2016-6354}
[jessie] - flex 2.5.39-8+deb8u1
[25 Aug 2016] DSA-3652-1 imagemagick - security update
- {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687
CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841
CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515}
+ {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687
CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841
CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515
CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518
CVE-2016-7519}
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
[25 Aug 2016] DSA-3651-1 rails - security update
{CVE-2016-6316}
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
