Author: carnil
Date: 2016-09-22 07:00:32 +0000 (Thu, 22 Sep 2016)
New Revision: 44814

Modified:
   data/CVE/list
   data/DSA/list
Log:
Final round of CVE assignments for imagemagick

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-09-22 06:53:31 UTC (rev 44813)
+++ data/CVE/list       2016-09-22 07:00:32 UTC (rev 44814)
@@ -2119,14 +2119,6 @@
        RESERVED
 CVE-2016-7541
        RESERVED
-CVE-2016-7540
-       RESERVED
-CVE-2016-7539
-       RESERVED
-CVE-2016-7538
-       RESERVED
-CVE-2016-7537
-       RESERVED
 CVE-2016-7512
        RESERVED
 CVE-2016-7511
@@ -4848,51 +4840,45 @@
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/130
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453
        NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bound access for corrupted pdb file]
+CVE-2016-7537 [out of bound access for corrupted pdb file]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832791)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1553366
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/143
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [SIGABRT for corrupted pdb file]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7538 [SIGABRT for corrupted pdb file]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832793)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1556273
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/148
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/53c1dcd34bed85181b901bfce1a2322f85a59472
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [DOS due to corrupted DDS files]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2015-8959 [DOS due to corrupted DDS files]
        - imagemagick <unfixed> (bug #832944)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: 
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
-       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/93ab016764c7f787829d9065440d86f5609765110
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [DOS due to corrupted DDS files]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2014-9907 [DOS due to corrupted DDS files]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #832942)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [potential DOS by not releasing memory]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7539 [potential DOS by not releasing memory]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #833101)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c
        NOTE: 
http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [writing to rgf format aborts]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7540 [writing to rgf format aborts]
        [experimental] - imagemagick 8:6.9.5.9+dfsg-1
        - imagemagick <unfixed> (bug #827643)
-       [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
        NOTE: https://bugs.launchpad.net/bugs/1594060
        NOTE: https://github.com/ImageMagick/ImageMagick/pull/223
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/08/07/1
+       NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
 CVE-2016-6603
        RESERVED
 CVE-2016-6602

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2016-09-22 06:53:31 UTC (rev 44813)
+++ data/DSA/list       2016-09-22 07:00:32 UTC (rev 44814)
@@ -62,7 +62,7 @@
        {CVE-2016-6354}
        [jessie] - flex 2.5.39-8+deb8u1
 [25 Aug 2016] DSA-3652-1 imagemagick - security update
-       {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 
CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 
CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 
CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 
CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 
CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 
CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 
CVE-2016-7534 CVE-2016-7535 CVE-2016-7536}
+       {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 
CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 
CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 
CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 
CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 
CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 
CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 
CVE-2016-7534 CVE-2016-7535 CVE-2016-7536 CVE-2016-7537 CVE-2015-8959 
CVE-2014-9907 CVE-2016-7539 CVE-2016-7540}
        [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 [25 Aug 2016] DSA-3651-1 rails - security update
        {CVE-2016-6316}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to