[Secure-testing-commits] r44812 - in data: CVE DSA

Salvatore Bonaccorso Wed, 21 Sep 2016 23:43:44 -0700

Author: carnil
Date: 2016-09-22 06:42:47 +0000 (Thu, 22 Sep 2016)
New Revision: 44812


Modified:
   data/CVE/list
   data/DSA/list
Log:
Anothr round of imagemagick CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-09-22 06:32:04 UTC (rev 44811)
+++ data/CVE/list       2016-09-22 06:42:47 UTC (rev 44812)
@@ -2145,22 +2145,6 @@
        RESERVED
 CVE-2016-7528
        RESERVED
-CVE-2016-7527
-       RESERVED
-CVE-2016-7526
-       RESERVED
-CVE-2016-7525
-       RESERVED
-CVE-2016-7524
-       RESERVED
-CVE-2016-7523
-       RESERVED
-CVE-2016-7522
-       RESERVED
-CVE-2016-7521
-       RESERVED
-CVE-2016-7520
-       RESERVED
 CVE-2016-7512
        RESERVED
 CVE-2016-7511
@@ -4763,58 +4747,58 @@
        NOTE: https://bugs.launchpad.net/bugs/1533445
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
        NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [heap overflow in hdr file handling]
+CVE-2016-7520 [heap overflow in hdr file handling]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832469)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1537213
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/90
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [heap buffer overflow in psd file handling]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7521 [heap buffer overflow in psd file handling]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832474)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1537418
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/92
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bound access for malformed psd file]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7522 [out of bound access for malformed psd file]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832475)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1537419
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/93
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [meta file out of bound access]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7523 [meta file out of bound access]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832478)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1537420
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/94
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7524
+       [experimental] - imagemagick 8:6.9.5.9+dfsg-1
+       - imagemagick <unfixed> (bug #832478)
+       NOTE: https://bugs.launchpad.net/bugs/1537422
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/96
-       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6
-       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/5a34d7ac889bd6645f6cfd164636e3efb56dbb2f
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [heap buffer overflow in psd file coder]
+CVE-2016-7525 [heap buffer overflow in psd file coder]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832480)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1537424
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/98
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bound access in wpg file coder]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7526 [out of bound access in wpg file coder]
        - imagemagick <unfixed> (bug #832482)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1539050
-       NOTE: https://bugs.launchpad.net/bugs/1542115
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/102
-       NOTE: https://github.com/ImageMagick/ImageMagick/issues/122
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7527
+       - imagemagick <unfixed> (bug #832482)
+       NOTE: https://bugs.launchpad.net/bugs/1542115
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/122
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
 CVE-2016-XXXX [out of bound access for viff file coder]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832483)

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2016-09-22 06:32:04 UTC (rev 44811)
+++ data/DSA/list       2016-09-22 06:42:47 UTC (rev 44812)
@@ -62,7 +62,7 @@
        {CVE-2016-6354}
        [jessie] - flex 2.5.39-8+deb8u1
 [25 Aug 2016] DSA-3652-1 imagemagick - security update
-       {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 
CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 
CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 
CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 
CVE-2016-7519}
+       {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 
CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 
CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 
CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 
CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 
CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527}
        [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 [25 Aug 2016] DSA-3651-1 rails - security update
        {CVE-2016-6316}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r44812 - in data: CVE DSA

Reply via email to