Author: carnil Date: 2016-09-22 06:32:04 +0000 (Thu, 22 Sep 2016) New Revision: 44811
Modified: data/CVE/list data/DSA/list Log: More imagemagick CVEs Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-09-22 06:24:31 UTC (rev 44810) +++ data/CVE/list 2016-09-22 06:32:04 UTC (rev 44811) @@ -2161,14 +2161,6 @@ RESERVED CVE-2016-7520 RESERVED -CVE-2016-7519 - RESERVED -CVE-2016-7518 - RESERVED -CVE-2016-7517 - RESERVED -CVE-2016-7516 - RESERVED CVE-2016-7512 RESERVED CVE-2016-7511 
@@ -4726,45 +4718,51 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d NOTE: https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb NOTE: https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7515 [rle file handling for corrupted file] [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832461) NOTE: https://bugs.launchpad.net/bugs/1533445 NOTE: https://github.com/ImageMagick/ImageMagick/issues/82 NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 -CVE-2016-XXXX [buffer overflow in sun file handling] + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 +CVE-2015-8957 [buffer overflow in sun file handling] [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832464) - [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838 NOTE: https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a NOTE: https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d NOTE: https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 -CVE-2016-XXXX [potential DOS in sun file handling due to malformed files] + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 +CVE-2015-8958 [potential DOS in sun file handling due to malformed files] [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832465) - [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: 
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857 NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75 NOTE: https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f NOTE: https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961 NOTE: https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 -CVE-2016-XXXX [out of bunds problem in rle, pict, viff and sun files] + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 +CVE-2016-7516 [out of bunds problem in rle, pict, viff and sun files] - imagemagick <unfixed> (bug #832467) - [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 NOTE: https://bugs.launchpad.net/bugs/1533452 NOTE: https://github.com/ImageMagick/ImageMagick/issues/77 + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 +CVE-2016-7517 + - imagemagick <unfixed> (bug #832467) NOTE: https://bugs.launchpad.net/bugs/1533449 NOTE: https://github.com/ImageMagick/ImageMagick/issues/80 + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 +CVE-2016-7518 + - imagemagick <unfixed> (bug #832467) NOTE: https://bugs.launchpad.net/bugs/1533447 NOTE: https://github.com/ImageMagick/ImageMagick/issues/81 + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 +CVE-2016-7519 + - imagemagick <unfixed> (bug #832467) NOTE: https://bugs.launchpad.net/bugs/1533445 NOTE: https://github.com/ImageMagick/ImageMagick/issues/82 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-XXXX [heap overflow in hdr file handling] [experimental] - imagemagick 8:6.9.5.9+dfsg-1 - imagemagick <unfixed> (bug #832469) Modified: data/DSA/list =================================================================== --- data/DSA/list 2016-09-22 
06:24:31 UTC (rev 44810) +++ data/DSA/list 2016-09-22 06:32:04 UTC (rev 44811) @@ -62,7 +62,7 @@ {CVE-2016-6354} [jessie] - flex 2.5.39-8+deb8u1 [25 Aug 2016] DSA-3652-1 imagemagick - security update - {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515} + {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519} [jessie] - imagemagick 8:6.8.9.9-5+deb8u4 [25 Aug 2016] DSA-3651-1 rails - security update {CVE-2016-6316} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
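Review bot: The first data/CVE/list hunk (@@ -2161,14 +2161,6 @@) drops the RESERVED placeholders only for CVE-2016-7516 through CVE-2016-7519, while the same commit also assigns CVE-2015-8957 and CVE-2015-8958 further down. No placeholder removal for the two 2015 IDs is visible in this diff, so check that they do not also exist as RESERVED entries elsewhere in data/CVE/list, which would leave each of them listed twice.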
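Review bot: The added line "CVE-2016-7516 [out of bunds problem in rle, pict, viff and sun files]" in the second data/CVE/list hunk (@@ -4726,45 +4718,51 @@) keeps the typo "bunds" from the placeholder entry, and its description still names all four formats even though the entry is now split across CVE-2016-7516 through CVE-2016-7519. The three new entries (CVE-2016-7517, CVE-2016-7518, CVE-2016-7519) have no bracketed description at all. Suggest giving each ID a description that matches the single issue it links (issues/77, issues/80, issues/81, issues/82) and spelling "bounds" correctly. Also, the new CVE-2016-7519 entry carries the same two references (bugs.launchpad.net/bugs/1533445 and ImageMagick issues/82) as the existing CVE-2016-7515 entry a few lines above it; confirm against the oss-security post that both IDs are meant to point at the same report.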
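Review bot: In the data/DSA/list hunk (@@ -62,7 +62,7 @@), the new CVE set for DSA-3652-1 appends CVE-2015-8957 and CVE-2015-8958 after CVE-2016-7515, which breaks the ascending order that the rest of the set follows. Suggest moving the two 2015 IDs to the front of the braces so the set stays sorted and is easier to compare against the entries in data/CVE/list.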